Overview

Cloudera Environments Service is a web service that manages cloud provider access.

Version information

Version : 0.9.111

License information

License : Apache 2.0
Terms of service : https://www.cloudera.com/legal/commercial-terms-and-conditions.html

URI scheme

Schemes : HTTPS

Consumes

  • application/json

Produces

  • application/json

Paths

Attach recipes to FreeIPA.

POST /api/v1/environments2/attachFreeIpaRecipes

Description

Attach recipes to FreeIPA.

Parameters

Type Name Schema

Body

input
required

AttachFreeIpaRecipesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

AttachFreeIpaRecipesResponse

default

The default response on an error.

Error

Cancel running FreeIPA diagnostics collections

POST /api/v1/environments2/cancelFreeipaDiagnostics

Description

Cancel running FreeIPA diagnostics collection

Parameters

Type Name Schema

Body

input
required

CancelFreeipaDiagnosticsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CancelFreeipaDiagnosticsResponse

default

The default response on an error.

Error

Changes the credential for an environment.

POST /api/v1/environments2/changeEnvironmentCredential

Description

Changes the credential for an environment.

Parameters

Type Name Schema

Body

input
required

ChangeEnvironmentCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ChangeEnvironmentCredentialResponse

default

The default response on an error.

Error

Checks Database connectivity based on the input parameters.

POST /api/v1/environments2/checkDatabaseConnectivity

Description

Checks Database connectivity based on the input parameters.

Parameters

Type Name Schema

Body

input
required

CheckDatabaseConnectivityRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CheckDatabaseConnectivityResponse

default

The default response on an error.

Error

Checks connectivity to a new Private Cloud environment by trying to access the Cloudera Manager address with provided credentials.

POST /api/v1/environments2/checkEnvironmentConnectivity

Description

Checks connectivity to a Private Cloud environment.

Parameters

Type Name Schema

Body

input
required

CheckEnvironmentConnectivityRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CheckEnvironmentConnectivityResponse

default

The default response on an error.

Error

Checks connectivity to a Kubernetes address with provided kubeconfig files.

POST /api/v1/environments2/checkKubernetesConnectivity

Description

Checks connectivity to a Kubernetes address with provided kubeconfig files.

Parameters

Type Name Schema

Body

input
required

CheckKubernetesConnectivityRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CheckKubernetesConnectivityResponse

default

The default response on an error.

Error

Start FreeIPA diagnostics collection

POST /api/v1/environments2/collectFreeipaDiagnostics

Description

Start FreeIPA diagnostics collection

Parameters

Type Name Schema

Body

input
required

CollectFreeipaDiagnosticsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CollectFreeipaDiagnosticsResponse

default

The default response on an error.

Error

Creates a new AWS credential that can be attatched to an environment. The credential is used for authorization to provision resources such as compute instances within your cloud provider account.

POST /api/v1/environments2/createAWSCredential

Description

Creates a new AWS credential.

Parameters

Type Name Schema

Body

input
required

CreateAWSCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAWSCredentialResponse

default

The default response on an error.

Error

Creates a new AWS environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

POST /api/v1/environments2/createAWSEnvironment

Description

Creates a new AWS environment.

Parameters

Type Name Schema

Body

input
required

CreateAWSEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAWSEnvironmentResponse

default

The default response on an error.

Error

Creates a new AWS credential for GovCloud that can be attatched to an environment. The credential is used for authorization to provision resources such as compute instances within your cloud provider account.

POST /api/v1/environments2/createAWSGovCloudCredential

Description

Creates a new AWS credential for GovCloud.

Parameters

Type Name Schema

Body

input
required

CreateAWSGovCloudCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAWSGovCloudCredentialResponse

default

The default response on an error.

Error

Creates a new AWS GovCloud environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

POST /api/v1/environments2/createAWSGovCloudEnvironment

Description

Creates a new AWS GovCloud environment.

Parameters

Type Name Schema

Body

input
required

CreateAWSGovCloudEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAWSGovCloudEnvironmentResponse

default

The default response on an error.

Error

Creates a new Azure credential that can be attached to an environment. The credential is used for authorization to provision resources such as compute instances within your cloud provider account.

POST /api/v1/environments2/createAzureCredential

Description

Creates a new Azure credential.

Parameters

Type Name Schema

Body

input
required

CreateAzureCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAzureCredentialResponse

default

The default response on an error.

Error

Creates a new Azure environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

POST /api/v1/environments2/createAzureEnvironment

Description

Creates a new Azure environment.

Parameters

Type Name Schema

Body

input
required

CreateAzureEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateAzureEnvironmentResponse

default

The default response on an error.

Error

Creates a new GCP credential that can be attatched to an environment. The credential is used for authorization to provision resources such as compute instances within your cloud provider account.

POST /api/v1/environments2/createGCPCredential

Description

Creates a new GCP credential.

Parameters

Type Name Schema

Body

input
required

CreateGCPCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateGCPCredentialResponse

default

The default response on an error.

Error

Creates a new GCP environment by providing the cloud provider access and network information. A FreeIPA server will be automatically provisioned when an environment is created.

POST /api/v1/environments2/createGCPEnvironment

Description

Creates a new GCP environment.

Parameters

Type Name Schema

Body

input
required

CreateGCPEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateGCPEnvironmentResponse

default

The default response on an error.

Error

Creates a new Private Cloud environment by providing the Cloudera Manager address and credentials.

POST /api/v1/environments2/createPrivateEnvironment

Description

Creates a new Private Cloud environment.

Parameters

Type Name Schema

Body

input
required

CreatePrivateEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreatePrivateEnvironmentResponse

default

The default response on an error.

Error

Creates a new proxy config that can be attatched to an environment.

POST /api/v1/environments2/createProxyConfig

Description

Creates a new proxy config.

Parameters

Type Name Schema

Body

input
required

CreateProxyConfigRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

CreateProxyConfigResponse

default

The default response on an error.

Error

Deletes an audit credential.

POST /api/v1/environments2/deleteAuditCredential

Description

Deletes an audit credential.

Parameters

Type Name Schema

Body

input
required

DeleteAuditCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DeleteAuditCredentialResponse

default

The default response on an error.

Error

Deletes a credential.

POST /api/v1/environments2/deleteCredential

Description

Deletes a credential.

Parameters

Type Name Schema

Body

input
required

DeleteCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DeleteCredentialResponse

default

The default response on an error.

Error

Deletes an environment.

POST /api/v1/environments2/deleteEnvironment

Description

Deletes an environment.

Parameters

Type Name Schema

Body

input
required

DeleteEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DeleteEnvironmentResponse

default

The default response on an error.

Error

Deletes a proxy config.

POST /api/v1/environments2/deleteProxyConfig

Description

Deletes a proxy config.

Parameters

Type Name Schema

Body

input
required

DeleteProxyConfigRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DeleteProxyConfigResponse

default

The default response on an error.

Error

Describes an environment.

POST /api/v1/environments2/describeEnvironment

Description

Describes an environment.

Parameters

Type Name Schema

Body

input
required

DescribeEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DescribeEnvironmentResponse

default

The default response on an error.

Error

Detach recipes from FreeIPA.

POST /api/v1/environments2/detachFreeIpaRecipes

Description

Detach recipes from FreeIPA.

Parameters

Type Name Schema

Body

input
required

DetachFreeIpaRecipesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DetachFreeIpaRecipesResponse

default

The default response on an error.

Error

Downscales FreeIPA instances.

POST /api/v1/environments2/downscaleFreeipa

Description

FreeIPA is an integrated Identity and Authentication solution that can be used for any of CM, CDP services.

Parameters

Type Name Schema

Body

input
required

DownscaleFreeipaRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

DownscaleFreeipaResponse

default

The default response on an error.

Error

Get account level telemetry settings. (telemetry features and anonymization rules)

POST /api/v1/environments2/getAccountTelemetry

Description

Get account level telemetry settings. (telemetry features and anonymization rules)

Parameters

Type Name Schema

Body

input
required

GetAccountTelemetryRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetAccountTelemetryResponse

default

The default response on an error.

Error

Get default account level telemetry settings. Helps to set back the default values.

POST /api/v1/environments2/getAccountTelemetryDefault

Description

Get default account level telemetry settings. Helps to set back the default values.

Parameters

Type Name Schema

Body

input
required

GetAccountTelemetryDefaultRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetAccountTelemetryDefaultResponse

default

The default response on an error.

Error

This API provides the audit credential prerequisites for the given cloud provider.

POST /api/v1/environments2/getAuditCredentialPrerequisites

Description

Provides the the audit credential prerequisites for the given cloud provider.

Parameters

Type Name Schema

Body

input
required

GetAuditCredentialPrerequisitesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetAuditCredentialPrerequisitesResponse

default

The default response on an error.

Error

Gets account level Azure Marketplace image policy. CDP is capable to automatically accept Azure Marketplace image terms during cluster deployment. You can use this setting in your account to opt in or opt out this behaviour.

POST /api/v1/environments2/getAzureImageTermsPolicy

Description

Gets account level Azure Marketplace image policy. CDP is capable to automatically accept Azure Marketplace image terms during cluster deployment. You can use this setting in your account to opt in or opt out this behaviour.

Parameters

Type Name Schema

Body

input
required

GetAzureImageTermsPolicyRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetAzureImageTermsPolicyResponse

default

The default response on an error.

Error

This API provides the credential prerequisites for the given cloud provider.

POST /api/v1/environments2/getCredentialPrerequisites

Description

Provides the the credential prerequisites for the given cloud provider.

Parameters

Type Name Schema

Body

input
required

GetCredentialPrerequisitesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetCredentialPrerequisitesResponse

default

The default response on an error.

Error

Read a configuration setting from the environment service.

POST /api/v1/environments2/getEnvironmentSetting

Description

Read a configuration setting from the environment service.

Parameters

Type Name Schema

Body

input
required

GetEnvironmentSettingRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetEnvironmentSettingResponse

default

The default response on an error.

Error

Returns the user synchronization state for an environment.

POST /api/v1/environments2/getEnvironmentUserSyncState

Description

Returns the user synchronization state for an environment.

Parameters

Type Name Schema

Body

input
required

GetEnvironmentUserSyncStateRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetEnvironmentUserSyncStateResponse

default

The default response on an error.

Error

Gather log descriptors that are used for diagnostics collection.

POST /api/v1/environments2/getFreeipaLogDescriptors

Description

Gather log descriptors that are used for diagnostics collection.

Parameters

Type Name Schema

Body

input
required

GetFreeipaLogDescriptorsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetFreeipaLogDescriptorsResponse

default

The default response on an error.

Error

Get the status of the FreeIPA services

POST /api/v1/environments2/getFreeipaStatus

Description

Gets the status of the FreeIPA nodes services and connectivity.

Parameters

Type Name Schema

Body

input
required

GetFreeipaStatusRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetFreeipaStatusResponse

default

The default response on an error.

Error

This API provides the audit credential prerequisites for GovCloud for the enabled providers.

POST /api/v1/environments2/getGovCloudAuditCredentialPrerequisites

Description

Provides the the audit credential prerequisites for GovCloud for the enabled providers.

Parameters

Type Name Schema

Body

input
required

GetGovCloudAuditCredentialPrerequisitesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetGovCloudAuditCredentialPrerequisitesResponse

default

The default response on an error.

Error

This API provides the credential prerequisites for GovCloud for the enabled providers.

POST /api/v1/environments2/getGovCloudCredentialPrerequisites

Description

Provides the the credential prerequisites for GovCloud for the enabled providers.

Parameters

Type Name Schema

Body

input
required

GetGovCloudCredentialPrerequisitesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetGovCloudCredentialPrerequisitesResponse

default

The default response on an error.

Error

Gets all ID Broker mappings for an environment.

POST /api/v1/environments2/getIdBrokerMappings

Description

Gets all ID Broker mappings for an environment.

Parameters

Type Name Schema

Body

input
required

GetIdBrokerMappingsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetIdBrokerMappingsResponse

default

The default response on an error.

Error

Gets ID Broker mappings sync status.

POST /api/v1/environments2/getIdBrokerMappingsSyncStatus

Description

Gets the status of the most recent ID Broker mappings sync operation, if any.

Parameters

Type Name Schema

Body

input
required

GetIdBrokerMappingsSyncStatusRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetIdBrokerMappingsSyncStatusResponse

default

The default response on an error.

Error

Retrieves a keytab for a user or machine user.

POST /api/v1/environments2/getKeytab

Description

Retrieves a keytab for a user or machine user.

Parameters

Type Name Schema

Body

input
required

GetKeytabRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetKeytabResponse

default

The default response on an error.

Error

Get the latest (in progress or finished) operation for the environment resource.

POST /api/v1/environments2/getOperation

Description

Get the latest (in progress or finished) operation for the environment resource.

Parameters

Type Name Schema

Body

input
required

GetOperationRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetOperationResponse

default

The default response on an error.

Error

Returns status of the repair operation for the operation id.

POST /api/v1/environments2/getRepairFreeipaStatus

Description

Returns status of the repair operation for the operation id. Operation Id should be one of the previously requested repair operation ids.

Parameters

Type Name Schema

Body

input
required

GetRepairFreeipaStatusRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetRepairFreeipaStatusResponse

default

The default response on an error.

Error

This API provides contents of public certificate for an environment.

POST /api/v1/environments2/getRootCertificate

Description

This API provides the contents of the root public certificate for an environment. The contents are a base64 encoded blob between —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–. This certificate can be imported by end users to establish trust with environment resources.

Parameters

Type Name Schema

Body

input
required

GetRootCertificateRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

GetRootCertificateResponse

default

The default response on an error.

Error

Lists audit credentials.

POST /api/v1/environments2/listAuditCredentials

Description

Lists audit credentials.

Parameters

Type Name Schema

Body

input
required

ListAuditCredentialsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListAuditCredentialsResponse

default

The default response on an error.

Error

Returns the list of Data Services and their cluster names that are attached the given environment.

POST /api/v1/environments2/listConnectedDataServices

Description

Returns the list of Data Services and their cluster names that are attached to the given environment.

Parameters

Type Name Schema

Body

input
required

ListConnectedDataServicesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListConnectedDataServicesResponse

default

The default response on an error.

Error

Lists credentials.

POST /api/v1/environments2/listCredentials

Description

Lists credentials.

Parameters

Type Name Schema

Body

input
required

ListCredentialsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListCredentialsResponse

default

The default response on an error.

Error

Lists environments.

POST /api/v1/environments2/listEnvironments

Description

Lists environments.

Parameters

Type Name Schema

Body

input
required

ListEnvironmentsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListEnvironmentsResponse

default

The default response on an error.

Error

List recent FreeIPA diagnostics collections

POST /api/v1/environments2/listFreeipaDiagnostics

Description

List recent FreeIPA diagnostics collection

Parameters

Type Name Schema

Body

input
required

ListFreeipaDiagnosticsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListFreeipaDiagnosticsResponse

default

The default response on an error.

Error

Lists proxy configs.

POST /api/v1/environments2/listProxyConfigs

Description

Lists proxy configs.

Parameters

Type Name Schema

Body

input
required

ListProxyConfigsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ListProxyConfigsResponse

default

The default response on an error.

Error

Repairs the FreeIPA nodes.

POST /api/v1/environments2/repairFreeipa

Description

Repairs the FreeIPA nodes if they are in a non working state.

Parameters

Type Name Schema

Body

input
required

RepairFreeipaRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

RepairFreeipaResponse

default

The default response on an error.

Error

Retries the last failed operation on a FreeIPA.

POST /api/v1/environments2/retryFreeipa

Description

Retries the last failed operation on a FreeIPA.

Parameters

Type Name Schema

Body

input
required

RetryFreeipaRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

RetryFreeipaResponse

default

The default response on an error.

Error

Rotate SaltStack user password on FreeIPA instances.

POST /api/v1/environments2/rotateSaltPassword

Description

Rotate SaltStack user password on FreeIPA instances.

Parameters

Type Name Schema

Body

input
required

RotateSaltPasswordRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

RotateSaltPasswordResponse

default

The default response on an error.

Error

Creates or updates the AWS audit credential for the account. The credential is used for authorization to archive audit events to your cloud storage.

POST /api/v1/environments2/setAWSAuditCredential

Description

Creates or updates the AWS audit credential for the account. The response will only contain details appropriate to AWS.

Parameters

Type Name Schema

Body

input
required

SetAWSAuditCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetAWSAuditCredentialResponse

default

The default response on an error.

Error

Creates or updates the AWS GovCloud audit credential for the account. The credential is used for authorization to archive audit events to your cloud storage.

POST /api/v1/environments2/setAWSGovCloudAuditCredential

Description

Creates or updates the AWS GovCloud audit credential for the account. The response will only contain details appropriate to AWS.

Parameters

Type Name Schema

Body

input
required

SetAWSGovCloudAuditCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetAWSGovCloudAuditCredentialResponse

default

The default response on an error.

Error

Set account level telemetry settings. (telemetry features and anonymization rules)

POST /api/v1/environments2/setAccountTelemetry

Description

Set account level telemetry settings. (telemetry features and anonymization rules)

Parameters

Type Name Schema

Body

input
required

SetAccountTelemetryRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetAccountTelemetryResponse

default

The default response on an error.

Error

Creates or updates the Azure audit credential for the account. The credential is used for authorization to archive audit events to your cloud storage.

POST /api/v1/environments2/setAzureAuditCredential

Description

Creates or updates the Azure audit credential for the account. The response will only contain details appropriate to Azure.

Parameters

Type Name Schema

Body

input
required

SetAzureAuditCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetAzureAuditCredentialResponse

default

The default response on an error.

Error

Sets a catalog for a FreeIPA installation.

POST /api/v1/environments2/setCatalog

Description

Sets a catalog for a FreeIPA installation.

Parameters

Type Name Schema

Body

input
required

SetCatalogRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetCatalogResponse

default

The default response on an error.

Error

Sets endpoint access gateway settings for the environment.

POST /api/v1/environments2/setEndpointAccessGateway

Description

Sets endpoint access gateway settings for the environment.

Parameters

Type Name Schema

Body

input
required

SetEndpointAccessGatewayRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetEndpointAccessGatewayResponse

default

The default response on an error.

Error

Read a configuration setting from the environment service.

POST /api/v1/environments2/setEnvironmentSetting

Description

Read a configuration setting from the environment service.

Parameters

Type Name Schema

Body

input
required

SetEnvironmentSettingRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetEnvironmentSettingResponse

default

The default response on an error.

Error

Creates or updates the GCP audit credential for the account. The credential is used for authorization to archive audit events to your cloud storage.

POST /api/v1/environments2/setGCPAuditCredential

Description

Creates or updates the GCP audit credential for the account. The response will only contain details appropriate to GCP.

Parameters

Type Name Schema

Body

input
required

SetGCPAuditCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetGCPAuditCredentialResponse

default

The default response on an error.

Error

Sets all ID Broker mappings for an environment.

POST /api/v1/environments2/setIdBrokerMappings

Description

Sets all ID Broker mappings for an environment. Overwrites all existing mappings.

Parameters

Type Name Schema

Body

input
required

SetIdBrokerMappingsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetIdBrokerMappingsResponse

default

The default response on an error.

Error

Sets workload user’s password and updates into all environments.

POST /api/v1/environments2/setPassword

Description

Deprecated. Use 'iam set-workload-password' command instead.

Parameters

Type Name Schema

Body

input
required

SetPasswordRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetPasswordResponse

default

The default response on an error.

Error

Configure environment level telemetry feature setting.

POST /api/v1/environments2/setTelemetryFeatures

Description

Configure environment level telemetry feature setting.

Parameters

Type Name Schema

Body

input
required

SetTelemetryFeaturesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SetTelemetryFeaturesResponse

default

The default response on an error.

Error

Start an environment.

POST /api/v1/environments2/startEnvironment

Description

Start an environment.

Parameters

Type Name Schema

Body

input
required

StartEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

StartEnvironmentResponse

default

The default response on an error.

Error

Initiates the vertical scaling on FreeIPA.

POST /api/v1/environments2/startFreeIpaVerticalScaling

Description

Initiates the vertical scaling on FreeIPA.

Parameters

Type Name Schema

Body

input
required

StartFreeIpaVerticalScalingRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

StartFreeIpaVerticalScalingResponse

default

The default response on an error.

Error

Stop an environment.

POST /api/v1/environments2/stopEnvironment

Description

Stop an environment.

Parameters

Type Name Schema

Body

input
required

StopEnvironmentRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

StopEnvironmentResponse

default

The default response on an error.

Error

Synchronizes environments with all users and groups state with CDP.

POST /api/v1/environments2/syncAllUsers

Description

Synchronizes environments with all users and groups state with CDP.

Parameters

Type Name Schema

Body

input
required

SyncAllUsersRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SyncAllUsersResponse

default

The default response on an error.

Error

Syncs all ID Broker mappings for an environment.

POST /api/v1/environments2/syncIdBrokerMappings

Description

Syncs all ID Broker mappings to all datalake clusters in an environment.

Parameters

Type Name Schema

Body

input
required

SyncIdBrokerMappingsRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SyncIdBrokerMappingsResponse

default

The default response on an error.

Error

Returns status of the sync operation for the operation id.

POST /api/v1/environments2/syncStatus

Description

Returns status of the sync operation for the operation id. Operation Id should be one of the previously request sync operation.

Parameters

Type Name Schema

Body

input
required

SyncStatusRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SyncStatusResponse

default

The default response on an error.

Error

Synchronizes environments with single user to the FreeIPA servers.

POST /api/v1/environments2/syncUser

Description

Synchronizes environments with single user to the FreeIPA servers.

Parameters

Type Name Schema

Body

input
required

SyncUserRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

SyncUserResponse

default

The default response on an error.

Error

Test anonymization rules (for account telemetry) against text input.

POST /api/v1/environments2/testAccountTelemetryRules

Description

Test anonymization rules (for account telemetry) against text input.

Parameters

Type Name Schema

Body

input
required

TestAccountTelemetryRulesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

TestAccountTelemetryRulesResponse

default

The default response on an error.

Error

Update the AWS encryption key ARN for the environment.

POST /api/v1/environments2/updateAwsDiskEncryptionParameters

Description

Updates the AWS encryption key ARN for the environment. Enables the server side encryption with CMK for newly created AWS resources for the existing environment.

Parameters

Type Name Schema

Body

input
required

UpdateAwsDiskEncryptionParametersRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAwsDiskEncryptionParametersResponse

default

The default response on an error.

Error

Update the Availability Zones for the Azure environment.

POST /api/v1/environments2/updateAzureAvailabilityZones

Description

Updates the Availability Zones for the Azure environment.

Parameters

Type Name Schema

Body

input
required

UpdateAzureAvailabilityZonesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAzureAvailabilityZonesResponse

default

The default response on an error.

Error

Updates a new certificate based Azure credential that can be attached to an environment. The credential is used for authorization to provision resources such as compute instances within your cloud provider account.

POST /api/v1/environments2/updateAzureCredential

Description

Updates a certificate based Azure credential.

Parameters

Type Name Schema

Body

input
required

UpdateAzureCredentialRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAzureCredentialResponse

default

The default response on an error.

Error

Update the Azure database resources for the environment.

POST /api/v1/environments2/updateAzureDatabaseResources

Description

Updates the Azure database resources for the environment. Enables deploying private Flexible Server for the existing environment.

Parameters

Type Name Schema

Body

input
required

UpdateAzureDatabaseResourcesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAzureDatabaseResourcesResponse

default

The default response on an error.

Error

Update the Azure encryption resources for the environment.

POST /api/v1/environments2/updateAzureEncryptionResources

Description

Updates the Azure encryption resources for the environment. Enables the SSE with CMK for newly created Azure resources for the existing environment.

Parameters

Type Name Schema

Body

input
required

UpdateAzureEncryptionResourcesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAzureEncryptionResourcesResponse

default

The default response on an error.

Error

Updates account level Azure Marketplace image policy. CDP is capable to automatically accept Azure Marketplace image terms during cluster deployment. You can use this setting in your account to opt in or opt out this behaviour.

POST /api/v1/environments2/updateAzureImageTermsPolicy

Description

Updates account level Azure Marketplace image policy. CDP is capable to automatically accept Azure Marketplace image terms during cluster deployment. You can use this setting in your account to opt in or opt out this behaviour.

Parameters

Type Name Schema

Body

input
required

UpdateAzureImageTermsPolicyRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateAzureImageTermsPolicyResponse

default

The default response on an error.

Error

Updates custom docker registry CRN of an environment.

POST /api/v1/environments2/updateCustomDockerRegistry

Description

Updates custom docker registry CRN of an environment.

Parameters

Type Name Schema

Body

input
required

UpdateCustomDockerRegistryRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateCustomDockerRegistryResponse

default

The default response on an error.

Error

Updates Data Service resources of an environment.

POST /api/v1/environments2/updateDataServiceResources

Description

Updates Data Service resources of an environment.

Parameters

Type Name Schema

Body

input
required

UpdateDataServiceResourcesRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateDataServiceResourcesResponse

default

The default response on an error.

Error

Run orchestrator engine state update on the FreeIPA cluster.

POST /api/v1/environments2/updateOrchestratorState

Description

Run orchestrator engine state update on the FreeIPA cluster.

Parameters

Type Name Schema

Body

input
required

UpdateOrchestratorStateRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateOrchestratorStateResponse

default

The default response on an error.

Error

Updates the proxy config of the given environment.

POST /api/v1/environments2/updateProxyConfig

Description

Updates the proxy config of the given environment.

Parameters

Type Name Schema

Body

input
required

UpdateProxyConfigRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateProxyConfigResponse

default

The default response on an error.

Error

Updates the security access settings of the given environment.

POST /api/v1/environments2/updateSecurityAccess

Description

Updates the security access settings of the given environment.

Parameters

Type Name Schema

Body

input
required

UpdateSecurityAccessRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateSecurityAccessResponse

default

The default response on an error.

Error

Updates the designated SSH key for the given environment.

POST /api/v1/environments2/updateSshKey

Description

Updates the designated SSH key for the given environment.

Parameters

Type Name Schema

Body

input
required

UpdateSshKeyRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateSshKeyResponse

default

The default response on an error.

Error

Updates the subnet(s) of the given environment.

POST /api/v1/environments2/updateSubnet

Description

Updates the subnet(s) of the given environment.

Parameters

Type Name Schema

Body

input
required

UpdateSubnetRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpdateSubnetResponse

default

The default response on an error.

Error

Upgrades Cluster Connectivity Manager on the environment to the latest available version.

POST /api/v1/environments2/upgradeCcm

Description

Upgrades Cluster Connectivity Manager on the environment to the latest available version.

Parameters

Type Name Schema

Body

input
required

UpgradeCcmRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpgradeCcmResponse

default

The default response on an error.

Error

Upgrades FreeIPA to the latest or defined image.

POST /api/v1/environments2/upgradeFreeipa

Description

FreeIPA is an integrated Identity and Authentication solution that can be used for any of CM, CDP services.

Parameters

Type Name Schema

Body

input
required

UpgradeFreeipaRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpgradeFreeipaResponse

default

The default response on an error.

Error

Upscales FreeIPA instances.

POST /api/v1/environments2/upscaleFreeipa

Description

FreeIPA is an integrated Identity and Authentication solution that can be used for any of CM, CDP services.

Parameters

Type Name Schema

Body

input
required

UpscaleFreeipaRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

UpscaleFreeipaResponse

default

The default response on an error.

Error

Validates AWS cloud storage settings of the given environment.

POST /api/v1/environments2/validateAwsCloudStorage

Description

Validates AWS cloud storage settings of the given environment.

Parameters

Type Name Schema

Body

input
required

ValidateAwsCloudStorageRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ValidateAwsCloudStorageResponse

default

The default response on an error.

Error

Validates Azure cloud storage settings of the given environment.

POST /api/v1/environments2/validateAzureCloudStorage

Description

Validates Azure cloud storage settings of the given environment.

Parameters

Type Name Schema

Body

input
required

ValidateAzureCloudStorageRequest

Responses

HTTP Code Description Schema

200

Expected response to a valid request.

ValidateAzureCloudStorageResponse

default

The default response on an error.

Error

Definitions

AWSFreeIpaCreationRequest

Request object for creating FreeIPA in the environment.

Name Description Schema

instanceCountByGroup
optional

The number of FreeIPA instances to create per group when creating FreeIPA in the environment

integer (int32)

instanceType
optional

Custom instance type of FreeIPA instances.

string

multiAz
optional

Flag which marks that the FreeIPA will be deployed in a multi-availability zone way or not.

boolean

recipes
optional

The recipes for the FreeIPA cluster.

< string > array

AnonymizationRuleRequest

Anonymization rule request object that is applied on logs that are sent to Cloudera.

Name Description Schema

replacement
optional

If rule pattern (value) matches, that will be replaced for this string (default [REDACTED])
Default : "[REDACTED]"

string

value
required

Pattern of the rule that should be redacted.

string

AnonymizationRuleResponse

Anonymization rule response object rule that is applied on logs that are sent to Cloudera.

Name Description Schema

replacement
optional

If rule pattern (value) matches, that will be replaced for this string (default [REDACTED])

string

value
optional

Pattern of the rule that should be redacted.

string

AttachFreeIpaRecipesRequest

Request object for attaching recipes to FreeIPA.

Name Description Schema

environment
required

The environment name or CRN of the FreeIPA.

string

recipes
required

The list of recipes to attach.

< string > array

AttachFreeIpaRecipesResponse

Response object for attaching recipes to FreeIPA.

Type : object

AttachedVolume

The attached volume configuration.

Name Description Schema

count
optional

The number of volumes.

integer (int32)

size
optional

The size of each volume in GB.

integer (int64)

volumeType
optional

The type of the volumes.

string

AttachedVolumeDetail

The attached volume configuration.

Name Description Schema

count
optional

The number of volumes.

integer (int32)

size
optional

The size of each volume in GB.

integer (int32)

volumeType
optional

The type of volumes.

string

Authentication

Additional SSH key authentication configuration for accessing cluster node instances.

Name Description Schema

loginUserName
optional

The SSH user name created on the nodes for SSH access.

string

publicKey
optional

SSH Public key string.

string

publicKeyId
optional

Public SSH key ID already registered in the cloud provider.

string

AuthenticationRequest

Additional SSH key authentication configuration for accessing cluster node.

Name Description Schema

publicKey
optional

Public SSH key string. Mutually exclusive with publicKeyId.

string

publicKeyId
optional

Public SSH key ID already registered in the cloud provider. Mutually exclusive with publicKey.

string

AwsCredentialPrerequisitesResponse

Response object for getting AWS credential prerequisites.

Name Description Schema

externalId
required

The cross-account external ID.

string

policies
optional

The fine-grained policies related to each service.

< CredentialGranularPolicyResponse > array

policyJson
required

The related policy json encoded in base64

string

AwsCredentialProperties

The credential properties that closely related to those that have been created on AWS.

Name Description Schema

govCloud
optional

Flag that indicates that the given AWS credential is GovCloud specfic.

boolean

roleArn
optional

The AWS role arn for the given credential.

string

AwsDiskEncryptionParameters

Object containing details of encryption parameters for AWS cloud.

Name Description Schema

encryptionKeyArn
optional

ARN of the CMK which is used to encrypt the AWS EBS volumes.

string

AwsFreeIpaInstanceTemplateParams

AWS specific FreeIPA parameters.

Name Description Schema

spotMaxPrice
optional

Maximum hourly price of spot instances.
Minimum value : 0
Maximum value : 255

number (double)

spotPercentage
optional

Percentage of spot instances.
Minimum value : 0
Maximum value : 100

integer (int32)

AwsLogStorageRequest

AWS storage configuration for cluster and audit logs.

Name Description Schema

backupStorageLocationBase
optional

The base location to store backup in S3. This should be an s3a:// url.

string

instanceProfile
required

The AWS instance profile that which contains the necessary permissions to access the S3 storage location.

string

storageLocationBase
required

The base location to store logs in S3. This should be an s3a:// url.

string

AzureAuthenticationTypeProperties

Authentication type of the credential

Type : enum (CERTIFICATE, SECRET)

AzureCredentialCertificateProperties

The certificate used for the credential

Name Description Schema

base64
optional

The certificate (PEM) encoded in base64 format

string

expiration
optional

the expiration timestamp

string

expirationDate
optional

the expiration in date format

string (date-time)

sha512
optional

The SHA512 digest of the certificate

string

status
optional

The status of an Azure credential.

enum (KEY_GENERATED, ACTIVE)

AzureCredentialPrerequisitesResponse

Response object for getting Azure credential prerequisites.

Name Description Schema

appCreationCommand
required

Azure CLI command to create Azure AD Application encoded in base64.

string

policies
optional

The fine-grained policies related to each service.

< CredentialGranularPolicyResponse > array

roleDefinitionJson
required

The related role definition json encoded in base64

string

AzureCredentialProperties

The credential properties that closely related to those that have been created on Azure.

Name Description Schema

appId
optional

The ID of the created Azure app.

string

authenticationType
optional

Authentication type of the credential

AzureAuthenticationTypeProperties

certificate
optional

The public certificate used by the Azure credential.

AzureCredentialCertificateProperties

subscriptionId
optional

The Azure subscription ID for the given credential.

string

tenantId
optional

The Azure tenant ID for the given credential.

string

AzureDataServicesParameters

Azure-specific Data Service parameters response.

Name Description Schema

sharedManagedIdentity
required

User-assigned managed identity used by the AKS control plane.

string

AzureDataServicesParametersRequest

Azure-specific Data Service parameters request.

Name Description Schema

sharedManagedIdentity
required

User-assigned managed identity used by the AKS control plane.

string

AzureDatabaseResources

Object containing details of database resources for Azure cloud.

Name Description Schema

databasePrivateDnsZoneId
optional

The full Azure resource ID of the existing Private DNS Zone used for Flexible Server and Single Server Databases.

string

flexibleServerSubnetIds
optional

The subnets delegated for Flexible Server database. Accepts either the name or the full resource id.

< string > array

AzureFreeIpaCreationRequest

Request object for creating FreeIPA in the environment.

Name Description Schema

instanceCountByGroup
optional

The number of FreeIPA instances to create per group when creating FreeIPA in the environment

integer (int32)

instanceType
optional

Custom instance type of FreeIPA instances.

string

multiAz
optional

Flag that enables deployment of the FreeIPA in a multi-availability zone.
Default : false

boolean

recipes
optional

The recipes for the FreeIPA cluster.

< string > array

AzureLogStorageRequest

Azure storage configuration for cluster and audit logs.

Name Description Schema

backupStorageLocationBase
optional

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net. The filesystem must already exist and the storage account must be StorageV2.

string

managedIdentity
required

The managed identity associated with the logger. This identity should have Storage Blob Data Contributor role on the given storage account.

string

storageLocationBase
required

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net. The filesystem must already exist and the storage account must be StorageV2.

string

AzureResourceEncryptionParameters

Object containing details of encryption parameters for Azure cloud.

Name Description Schema

diskEncryptionSetId
optional

ID of the Disk Encryption Set created in Azure which is used to encrypt Managed Disks of FreeIPA, Data Lake, Data Hub and PostgreSQL.

string

encryptionKeyResourceGroupName
optional

Name of the existing Azure resource group hosting the Azure Key Vault containing customer managed key which is used to encrypt the Azure Managed Disks.

string

encryptionKeyUrl
optional

URL of the key which is used to encrypt the Azure Managed Disks.

string

userManagedIdentity
optional

User managed identity for encryption.

string

BackupStorage

Storage configuration for backup.

Name Description Schema

awsDetails
optional

AWS-specific backup storage configuration information.

awsDetails

azureDetails
optional

Azure-specific backup storage configuration information.

azureDetails

enabled
optional

Whether external backup storage is enabled. The default value is disabled.

boolean

gcpDetails
optional

GCP-specific backup storage configuration information.

gcpDetails

awsDetails

Name Description Schema

instanceProfile
optional

The AWS instance profile which contains the necessary permissions to access the S3 storage location.

string

storageLocationBase
optional

The base location to store backup in S3. This should be an s3a:// url.

string

azureDetails

Name Description Schema

managedIdentity
optional

The managed identity associated with the backup. This identity should have Storage Blob Data Contributor role on the given storage account.

string

storageLocationBase
optional

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

string

gcpDetails

Name Description Schema

serviceAccountEmail
optional

Email ID of the service account associated with the backup instances.

string

storageLocationBase
optional

The storage location to use. This should be a gs:// url.

string

CancelFreeipaDiagnosticsRequest

Request object for cancel running FreeIPA diagnostics collections.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

CancelFreeipaDiagnosticsResponse

Response object for cancel running FreeIPA diagnostics collections.

Type : object

CdpCluster

Discovered CdpCluster object.

Name Description Schema

clusterValidationMessages
optional

List of cluster validation message.

< EnvValidation > array

cmUrl
optional

The Url to Cloudera Manager.

string

displayName
optional

Display name of cluster.

string

exposedServices
optional

List of exposed CDP DC services

< ExposedService > array

name
optional

Name of cluster.

string

version
optional

Version of Cloudera Manager.

string

ChangeEnvironmentCredentialRequest

Request object for a change environment credentials request.

Name Description Schema

credentialName
required

The credential name to set for the environment. This must be a credential that already exists.

string

environmentName
required

The name or CRN of the environment.

string

ChangeEnvironmentCredentialResponse

Response object for a change environment credentials request.

Name Description Schema

environment
required

The environment summary.

EnvironmentSummary

CheckDatabaseConnectivityRequest

Request object for checking Database connectivity.

Name Description Schema

host
required

Host value.

string

name
required

Database name value.

string

password
required

Password value.

string

port
required

Port value.

integer (int32)

username
required

Username value.

string

CheckDatabaseConnectivityResponse

Response object for checking Database connectivity.

Name Description Schema

message
optional

Message explaining the result.

string

result
required

Result of the connectivity check.

enum (SUCCESS, FAILURE)

CheckEnvironmentConnectivityRequest

Request object to check connectivity to private cloud environment.

Name Description Schema

address
required

The address of the Cloudera Manager managing the Datalake cluster.

string

authenticationToken
required

A string (text or json) used to authenticate to the Cloudera Manager.

string

authenticationTokenType
optional

How to interpret the authenticationToken field. Defaults to CLEARTEXT_PASSWORD.

enum (CLEARTEXT_PASSWORD)

clusterNames
optional

The name of the cluster(s) to use as a Datalake for the environment.

< string > array

user
required

User name for accessing the Cloudera Manager.

string

CheckEnvironmentConnectivityResponse

Response object to check connectivity to private cloud environment.

Name Description Schema

clusters
required

List of discovered clusters

< CdpCluster > array

CheckKubernetesConnectivityRequest

Request object for checking Kubernetes connectivity.

Name Description Schema

format
optional

Format of Kubernetes configuration file. Defaults to YAML.

enum (YAML)

kubeConfig
required

Content of Kubernetes configuration file as a text blob in YAML format.

string

CheckKubernetesConnectivityResponse

Response object for checking Kubernetes connectivity.

Name Description Schema

message
optional

Message explaining the status. Used for Errors.

string

status
required

Status of Kubernetes cluster. Also indicates connectivity.

enum (SUCCESS, FAILURE)

CloudSubnet

Information about a cloud provider subnet.

Name Description Schema

availabilityZone
optional

The availability zone of the subnet.

string

cidr
optional

The CIDR IP range of the subnet.

string

subnetId
optional

The id of the subnet.

string

subnetName
optional

The name of the subnet.

string

CollectFreeipaDiagnosticsRequest

Request object for collecting FreeIPA diagnostics.

Name Description Schema

additionalLogs
optional

Array of log descriptors that should be additionally collected during diagnostics collection.

< FreeipaVmLogRequest > array

caseNumber
optional

Optional support case number in case of SUPPORT destination, otherwise only act as additional data.

string

description
required

Additional information / title for the diagnostics collection.

string

destination
required

Destination of the diagnostics collection (Support, Own cloud storage, Engineering or collect only on the nodes)

enum (SUPPORT, CLOUD_STORAGE, ENG, LOCAL)

endDate
optional

Date timestamp - collect files only for diagnostics that has lower created timestamp value than this.

string (date-time)

environmentName
required

The name or CRN of the environment.

string

excludeHosts
optional

Array of host names (fqdn or IP address), collection will not run on the excluded hosts.

< string > array

hostGroups
optional

Array of host groups, collection will run only on the dedicated hosts that belongs to these host groups.

< string > array

hosts
optional

Array of host names (fqdn), collection will run only on the dedicated hosts.

< string > array

includeNginxReport
optional

Include Nginx report generated by GoAccess (if available).

boolean

includeSaltLogs
optional

Include salt minion/master/api system logs in the diagnostics collection.

boolean

includeSarOutput
optional

Include SAR (System Activity Report) generated outputs in the diagnostics collection (if available).

boolean

labels
optional

Array of labels that can filter logs that are collected during diagnostics collection.

< string > array

skipUnresponsiveHosts
optional

Skip unhealthy hosts from the diagnostics collection.

boolean

startDate
optional

Date timestamp - collect files only for diagnostics that has higher last modified timestamp value than this.

string (date-time)

storageValidation
optional

Enable/disable node level storage validation (can be disabled for example, if you have too many hosts and do not want to do too much parallel writes to s3/abfs)
Default : false

boolean

updatePackage
optional

If enabled, required package (cdp-telemetry) will be upgraded or installed on the nodes. (useful if package is not installed or needs to be upgraded) Network is required for this operation.
Default : false

boolean

CollectFreeipaDiagnosticsResponse

Response object for collecting FreeIPA diagnostics.

Type : object

ConnectedDataService

A single entry that contains the name of the given Data Service and its related resource(s).

Name Description Schema

clusters
required

List of resource names for the given Data Service.

< string > array

name
required

The name of the given Data Service.

string

CreateAWSCredentialRequest

Request object for a create AWS credential request.

Name Description Schema

credentialName
required

The name of the credential.

string

description
optional

A description for the credential.

string

roleArn
required

The ARN of the delegated access role.

string

CreateAWSCredentialResponse

Response object for a create AWS credential request.

Name Description Schema

credential
required

The credential object.

Credential

CreateAWSEnvironmentRequest

Request object for a create AWS environment request.

Name Description Schema

authentication
required

SSH authentication information for accessing cluster node instances. Users with access to this authentication information have root level access to the Data Lake and Data Hub cluster instances.

AuthenticationRequest

createPrivateSubnets
optional

Whether to create private subnets or not.

boolean

createServiceEndpoints
optional

Whether to create service endpoints or not.

boolean

credentialName
required

Name of the credential to use for the environment.

string

customDockerRegistry
optional

Configures the desired custom docker registry for data services.

CustomDockerRegistryRequest

description
optional

An description of the environment.

string

enableTunnel
optional

Whether to enable SSH tunneling for the environment.
Default : true

boolean

encryptionKeyArn
optional

ARN of the AWS KMS CMK to use for the server-side encryption of AWS storage resources.

string

endpointAccessGatewayScheme
optional

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

environmentName
required

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

string

freeIpa
optional

The FreeIPA creation request for the environment

AWSFreeIpaCreationRequest

image
optional

The FreeIPA image request for the environment

FreeIpaImageRequest

logStorage
required

AWS storage configuration for cluster and audit logs.

AwsLogStorageRequest

networkCidr
optional

The network CIDR. This will create a VPC along with subnets in multiple Availability Zones.

string

proxyConfigName
optional

Name of the proxy config to use for the environment.

string

region
required

The region of the environment.

string

reportDeploymentLogs
optional

When true, this will report additional diagnostic information back to Cloudera.

boolean

s3GuardTableName
optional

The name for the DynamoDB table backing S3Guard.

string

securityAccess
required

Security control for FreeIPA and Data Lake deployment.

SecurityAccessRequest

subnetIds
optional

One or more subnet IDs within the VPC. Mutually exclusive with networkCidr.

< string > array

tags
optional

Tags associated with the resources.

< TagRequest > array

vpcId
optional

The Amazon VPC ID. Mutually exclusive with networkCidr.

string

workloadAnalytics
optional

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

boolean

CreateAWSEnvironmentResponse

Response object for a create AWS environment request.

Name Description Schema

environment
required

Created environment object.

Environment

CreateAWSGovCloudCredentialRequest

Request object for a create AWS credential request for GovCloud.

Name Description Schema

credentialName
required

The name of the credential.

string

description
optional

A description for the credential.

string

roleArn
required

The ARN of the delegated access role.

string

CreateAWSGovCloudCredentialResponse

Response object for a create AWS credential request for GovCloud.

Name Description Schema

credential
required

The credential object.

Credential

CreateAWSGovCloudEnvironmentRequest

Request object for a create AWS GovCloud environment request.

Name Description Schema

authentication
required

SSH authentication information for accessing cluster node instances. Users with access to this authentication information have root level access to the Data Lake and Data Hub cluster instances.

AuthenticationRequest

createPrivateSubnets
optional

Whether to create private subnets or not.

boolean

createServiceEndpoints
optional

Whether to create service endpoints or not.

boolean

credentialName
required

Name of the credential to use for the environment.

string

customDockerRegistry
optional

Configures the desired custom docker registry for data services.

CustomDockerRegistryRequest

description
optional

An description of the environment.

string

enableTunnel
optional

Whether to enable SSH tunneling for the environment.
Default : true

boolean

encryptionKeyArn
optional

ARN of the AWS KMS CMK to use for the server-side encryption of AWS storage resources.

string

endpointAccessGatewayScheme
optional

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

environmentName
required

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

string

freeIpa
optional

The FreeIPA creation request for the environment

AWSFreeIpaCreationRequest

image
optional

The FreeIPA image request for the environment

FreeIpaImageRequest

logStorage
required

AWS storage configuration for cluster and audit logs.

AwsLogStorageRequest

networkCidr
optional

The network CIDR. This will create a VPC along with subnets in multiple Availability Zones.

string

proxyConfigName
optional

Name of the proxy config to use for the environment.

string

region
required

The region of the environment.

string

reportDeploymentLogs
optional

When true, this will report additional diagnostic information back to Cloudera.

boolean

s3GuardTableName
optional

The name for the DynamoDB table backing S3Guard.

string

securityAccess
required

Security control for FreeIPA and Data Lake deployment.

SecurityAccessRequest

subnetIds
optional

One or more subnet IDs within the VPC. Mutually exclusive with networkCidr.

< string > array

tags
optional

Tags associated with the resources.

< TagRequest > array

vpcId
optional

The Amazon VPC ID. Mutually exclusive with networkCidr.

string

workloadAnalytics
optional

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

boolean

CreateAWSGovCloudEnvironmentResponse

Response object for a create AWS GovCloud environment request.

Name Description Schema

environment
required

Created environment object.

Environment

CreateAzureCredentialRequest

Request object for a create Azure credential request.

Name Description Schema

appBased
required

Additional configurations needed for app-based authentication.

appBased

credentialName
required

The name of the credential.

string

description
optional

A description for the credential.

string

subscriptionId
optional

The Azure subscription ID. Required for secret based credentials and optional for certificate based ones.

string

tenantId
optional

The Azure AD tenant ID for the Azure subscription. Required for secret based credentials and optional for certificate based ones.

string

appBased

Name Description Schema

applicationId
optional

The id of the application registered in Azure.

string

authenticationType
optional

Authentication type of the credential

AzureAuthenticationTypeProperties

secretKey
optional

The client secret key (also referred to as application password) for the registered application.

string

CreateAzureCredentialResponse

Response object for a create Azure credential request.

Name Description Schema

credential
required

The credential object.

Credential

CreateAzureEnvironmentRequest

Request object for a create Azure environment request.

Name Description Schema

availabilityZones
optional

The zones of the environment in the given region.

< string > array

createPrivateEndpoints
optional

When this is enabled, then Azure Postgres will be configured with Private Endpoint and a Private DNS Zone. When this is disabled, then Azure Service Endpoints will be created. The default value is disabled.

boolean

credentialName
required

Name of the credential to use for the environment.

string

customDockerRegistry
optional

Configures the desired custom docker registry for data services.

CustomDockerRegistryRequest

dataServices
optional

Data Services parameters of the environment.

DataServicesRequest

description
optional

An description of the environment.

string

enableOutboundLoadBalancer
optional

Whether or not outbound load balancers should be created for Azure environments. The default behavior is to not create the outbound load balancer.

boolean

enableTunnel
optional

Whether to enable SSH tunneling for the environment.
Default : true

boolean

encryptionAtHost
optional

When this is enabled, we will provision resources with host encrypted true flag.

boolean

encryptionKeyResourceGroupName
optional

Name of the existing Azure resource group hosting the Azure Key Vault containing customer managed key which will be used to encrypt the Azure Managed Disks. It is required only when the entitlement is granted and the resource group of the key vault is different from the resource group in which the environment is to be created. Omitting it implies that, the key vault containing the encryption key is present in the same resource group where the environment would be created.

string

encryptionKeyUrl
optional

URL of the key which will be used to encrypt the Azure Managed Disks, if entitlement has been granted.

string

endpointAccessGatewayScheme
optional

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VNet.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

environmentName
required

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

string

existingNetworkParams
optional

Parameters needed to use an existing VNet and Subnets.

ExistingAzureNetworkRequest

flexibleServerSubnetIds
optional

The subnets delegated for Flexible Server database. Accepts either the name or the full resource id.

< string > array

freeIpa
optional

The FreeIPA creation request for the environment

AzureFreeIpaCreationRequest

image
optional

The FreeIPA image request for the environment

FreeIpaImageRequest

logStorage
required

Azure storage configuration for cluster and audit logs.

AzureLogStorageRequest

newNetworkParams
optional

Parameteres needed to automatically create VNet and Subnets.

newNetworkParams

proxyConfigName
optional

Name of the proxy config to use for the environment.

string

publicKey
required

Public SSH key string. The associated private key can be used to get root-level access to the Data Lake instance and Data Hub cluster instances.

string

region
required

The region of the environment.

string

reportDeploymentLogs
optional

When true, this will report additional diagnostic information back to Cloudera.

boolean

resourceGroupName
optional

Name of an existing Azure resource group to be used for the environment. If it is not specified then new resource groups will be generated.

string

securityAccess
required

Security control for FreeIPA and Data Lake deployment.

SecurityAccessRequest

tags
optional

Tags associated with the resources.

< TagRequest > array

usePublicIp
required

Whether to associate public ip’s to the resources within the network.

boolean

userManagedIdentity
optional

User managed identity for encryption.

string

workloadAnalytics
optional

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

boolean

newNetworkParams

Name Description Schema

networkCidr
required

The range of private IPv4 addresses that resources will use under the created VNet.

string

CreateAzureEnvironmentResponse

Response object for a create Azure environment request.

Name Description Schema

environment
required

Created environment object.

Environment

CreateGCPCredentialRequest

Request object for a create GCP credential request.

Name Description Schema

credentialKey
required

The JSON key for the service account. Please use local path when using the CLI (e.g. file:///absolute/path/to/cred.json) to avoid exposing the keys in the command line history.

string

credentialName
required

The name of the credential.

string

description
optional

A description for the credential.

string

CreateGCPCredentialResponse

Response object for a create GCP credential request.

Name Description Schema

credential
required

The credential object.

Credential

CreateGCPEnvironmentRequest

Request object for a create GCP environment request.

Name Description Schema

availabilityZones
optional

The zones of the environment in the given region. Multi-zone selection is not supported in GCP yet. It accepts only one zone until support is added.

< string > array

credentialName
required

Name of the credential to use for the environment.

string

customDockerRegistry
optional

Configures the desired custom docker registry for data services.

CustomDockerRegistryRequest

description
optional

A description of the environment.

string

enableTunnel
optional

Whether to enable SSH tunneling for the environment.
Default : true

boolean

encryptionKey
optional

Key Resource ID of the customer managed encryption key to encrypt GCP resources.

string

endpointAccessGatewayScheme
optional

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over the Internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

environmentName
required

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

string

existingNetworkParams
required

Parameters needed to use an existing VPC and Subnets. For now only existing network params is supported.

ExistingGCPNetworkRequest

freeIpa
optional

The FreeIPA creation request for the environment

GCPFreeIpaCreationRequest

logStorage
optional

GCP storage configuration for cluster and audit logs.

GcpLogStorageRequest

proxyConfigName
optional

Name of the proxy config to use for the environment.

string

publicKey
required

Public SSH key string. The associated private key can be used to get root-level access to the Data Lake instance and Data Hub cluster instances.

string

region
required

The region of the environment.

string

reportDeploymentLogs
optional

When true, this will report additional diagnostic information back to Cloudera.

boolean

securityAccess
optional

Firewall rules for FreeIPA, Data Lake and Data Hub deployment.

GcpSecurityAccessRequest

tags
optional

Tags that can be attached to GCP resources. Please refer to Google documentation for the rules https://cloud.google.com/compute/docs/labeling-resources#label_format.

< GcpTagRequest > array

usePublicIp
required

Whether to associate public ip’s to the resources within the network.

boolean

workloadAnalytics
optional

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

boolean

CreateGCPEnvironmentResponse

Response object for a create GCP environment request.

Name Description Schema

environment
required

Created environment object.

Environment

CreatePrivateEnvironmentRequest

Request object for a create private cloud environment request.

Name Description Schema

address
required

The address of the Cloudera Manager managing the Datalake cluster.

string

authenticationToken
required

A string (text or json) used to authenticate to the Cloudera Manager.

string

authenticationTokenType
optional

How to interpret the authenticationToken field. Defaults to CLEARTEXT_PASSWORD.

enum (CLEARTEXT_PASSWORD)

clusterNames
required

The name of the cluster(s) to use as a Datalake for the environment.

< string > array

description
optional

An description of the environment.

string

dockerConfigJson
optional

docker pull secrets for the K8s cluster. This is expected to be a docker config json.

string

dockerUserPass
optional

Alternative to dockerConfigJson.

dockerUserPass

domain
optional

default domain suffix to work workload applications to use.

string

environmentName
required

The name of the environment. Must contain only lowercase letters, numbers and hyphens.

string

kubeConfig
optional

Name of credentials holding kubeconfig for access to the kubernetes cluster paired with this Environment.

string

namespacePrefix
optional

Prefix for all namespaces created by Cloudera Data Platform within this cluster.
Default : "cdp"

string

platform
optional

the K8s cluster type used for the environment.
Default : "OPENSHIFT"

string

storageClass
optional

An existing storage class on this kubernetes cluster. If not specified, the default storage class will be used.

string

user
required

User name for accessing the Cloudera Manager.

string

dockerUserPass

Name Description Schema

email
optional

Docker email.

string

password
required

Docker password.

string

server
required

Docker Registry FQDN.

string

username
required

Docker username.

string

CreatePrivateEnvironmentResponse

Response object for a create private cloud environment request.

Name Description Schema

environment
required

Created environment object.

Environment

CreateProxyConfigRequest

Request object for a create proxy config request.

Name Description Schema

description
optional

A description for the proxy config.

string

host
required

The proxy host.

string

noProxyHosts
optional

Comma-separated list of 'CIDR', '[.]host[:port]' (can be a subdomain as well) and 'IP[:port]' entries that should not be proxied. Wildcards are not accepted. For example .cloudera.com,192.168.1.1

string

password
optional

The proxy password.

string

port
required

The proxy port.

integer (int32)

protocol
required

The protocol.

string

proxyConfigName
required

The name of the proxy config.

string

user
optional

The proxy user.

string

CreateProxyConfigResponse

Response object for a create proxy config request.

Name Description Schema

proxyConfig
required

The proxy config object.

ProxyConfig

Credential

A credential object.

Name Description Schema

awsCredentialProperties
optional

The credential properties that closely related to those that have been created on AWS.

AwsCredentialProperties

azureCredentialProperties
optional

The credential properties that closely related to those that have been created on Azure.

AzureCredentialProperties

cloudPlatform
required

The cloud provider.

string

credentialName
required

The name of the credential.

string

crn
required

The CRN of the credential.

string

description
optional

A description for the credential.

string

gcpCredentialProperties
optional

The credential properties that closely related to those that have been created on GCP.

GCPCredentialProperties

CredentialGranularPolicyResponse

Response object for the granular policy for the given service or experience.

Name Description Schema

policyJson
required

The policy JSON encoded in base64.

string

service
required

The name of the service that requires the given policy for resource management.

string

CustomDockerRegistryRequest

The desired custom docker registry for data services to be used.

Name Description Schema

crn
required

The CRN of the desired custom docker registry for data services to be used.

string

CustomDockerRegistryResponse

The configured custom docker registry for data services.

Name Description Schema

crn
required

The CRN of the configured custom docker registry for data services on the environment.

string

DataServices

Data Services parameters response of the environment.

Name Description Schema

azure
optional

Azure-specific Data Service parameters response.

AzureDataServicesParameters

DataServicesRequest

Data Services parameters request of the environment.

Name Description Schema

azure
optional

Azure-specific Data Service parameters request.

AzureDataServicesParametersRequest

DeleteAuditCredentialRequest

Request object for a delete audit credential request.

Name Description Schema

credentialName
required

The name or CRN of the credential.

string

DeleteAuditCredentialResponse

Response object for a delete audit credential request.

Type : object

DeleteCredentialRequest

Request object for a delete credential request.

Name Description Schema

credentialName
required

The name or CRN of the credential.

string

DeleteCredentialResponse

Response object for a delete credential request.

Type : object

DeleteEnvironmentRequest

Request object for a delete environment request.

Name Description Schema

cascading
optional

Delete all connected resources too.

boolean

environmentName
required

The name or CRN of the environment.

string

forced
optional

Force delete action removes CDP resources and may leave cloud provider resources running even if the deletion did not succeed.

boolean

DeleteEnvironmentResponse

Response object for a delete environment request.

Type : object

DeleteProxyConfigRequest

Request object for a delete proxy config request.

Name Description Schema

proxyConfigName
required

The name or CRN of the proxy config.

string

DeleteProxyConfigResponse

Response object for a delete proxy config request.

Type : object

DescribeEnvironmentRequest

Request object for a describe environment request.

Name Description Schema

environmentName
required

The names or CRN of the environment.

string

DescribeEnvironmentResponse

Response object for a describe environment request.

Name Description Schema

environment
required

The environment.

Environment

DetachFreeIpaRecipesRequest

Request object for detaching recipes from FreeIPA.

Name Description Schema

environment
required

The environment name or CRN of the FreeIPA.

string

recipes
required

The list of recipes to detach.

< string > array

DetachFreeIpaRecipesResponse

Response object for detaching recipes from FreeIPA.

Type : object

DownscaleFreeipaRequest

The request object for FreeIPA downscale. Either targetAvailabilityType or instances

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

instances
optional

The instance Ids to downscale.

< string > array

targetAvailabilityType
optional

The target FreeIPA availability type.

enum (HA, TWO_NODE_BASED)

DownscaleFreeipaResponse

The response object for FreeIPA downscale.

Name Description Schema

operationId
optional

UUID of the request for this operation. This ID can be used to get the status of the operation.

string

originalAvailabilityType
optional

The target FreeIPA availability type.

enum (HA)

targetAvailabilityType
optional

The target FreeIPA availability type.

enum (HA, TWO_NODE_BASED)

EnvValidation

Object for validating services.

Name Description Schema

message
optional

Validation message.

string

severity
optional

The level of validation severity.

enum (INFO, WARNING, ERROR)

Environment

The environment.

Name Description Schema

authentication
optional

SSH key for accessing cluster node instances.

Authentication

awsDetails
optional

AWS-specific environment configuration information.

awsDetails

backupStorage
optional

Storage configuration for backup.

BackupStorage

cloudPlatform
required

Cloud platform of the environment.

string

created
optional

Creation date

string (date-time)

creator
optional

The CRN of the user who has created the given environment.

string

credentialName
required

Name of the credential of the environment.

string

crn
required

CRN of the environment.

string

customDockerRegistry
optional

The configured custom docker registry for data services on the environment.

CustomDockerRegistryResponse

dataServices
optional

Data Services parameters of the environment.

DataServices

description
optional

Description of the environment

string

environmentName
required

Name of the environment.

string

freeipa
optional

Details of FreeIPA instance associated with this environment.

FreeipaDetails

gcpDetails
optional

GCP specific environment configuration information.

gcpDetails

logStorage
required

Storage configuration for cluster and audit logs.

LogStorage

network
required

Network related specifics of the environment.

Network

proxyConfig
optional

The proxy config.

ProxyConfig

region
required

Region of the environment.

string

reportDeploymentLogs
optional

When true, this will report additional diagnostic information back to Cloudera.

boolean

securityAccess
optional

Security control for FreeIPA and Data Lake deployment.

SecurityAccess

status
required

Status of the environment.

string

statusReason
optional

The status reason.

string

tags
optional

Environment tags object containing the tag values defined for the environment.

EnvironmentTags

workloadAnalytics
optional

When this is enabled, diagnostic information about job and query execution is sent to Workload Manager for Data Hub clusters created within this environment.

boolean

awsDetails

Name Description Schema

s3GuardTableName
optional

The name for the DynamoDB table backing S3Guard.

string

gcpDetails

Name Description Schema

sharedProjectId
optional

ID of the Google project where the resources are created.

string

EnvironmentSummary

The environment summary.

Name Description Schema

cloudPlatform
required

Cloud platform of the environment.

string

created
optional

Creation date

string (date-time)

credentialName
required

Name of the credential of the environment. Must contain only lowercase letters, numbers and hyphens.

string

crn
required

CRN of the environment.

string

description
optional

Description of the environment.

string

environmentName
required

Name of the environment.

string

proxyConfigName
optional

Name of the proxy config of the environment.

string

region
required

Region of the environment.

string

status
required

Status of the environment,

string

EnvironmentTags

Environment tags object containing the tag values defined for the environment.

Name Description Schema

defaults
optional

Map of tag names to values, for default tags.

< string, string > map

userDefined
optional

Map of tag names to values, for user-defined tags.

< string, string > map

Error

An object returned on an error.

Name Description Schema

code
optional

The error code.

string

message
optional

The error message.

string

ExistingAzureNetworkRequest

Request object for creating an Azure environment using existing VNet and subnets.

Name Description Schema

aksPrivateDnsZoneId
optional

The full Azure resource ID of an existing Private DNS zone used for the AKS.

string

databasePrivateDnsZoneId
optional

The full Azure resource ID of the existing Private DNS Zone used for Flexible Server and Single Server Databases.

string

networkId
required

The id of the Azure VNet.

string

resourceGroupName
required

The name of the resource group associated with the VNet.

string

subnetIds
required

One or more subnet ids within the VNet.

< string > array

ExistingGCPNetworkRequest

Request object for creating an GCP environment using existing VPC and subnets.

Name Description Schema

networkName
required

The name of the GCP VPC.

string

sharedProjectId
optional

The ID of the Google project associated with the VPC.

string

subnetNames
required

One or more subnet names within the VPC. Google VPC’s are global, please give subnets from single geographic region only to reduce latency.

< string > array

ExposedService

Exposed CDP DC service object.

Name Description Schema

displayName
optional

Display name of service.

string

name
optional

Name of service.

string

serviceUrl
optional

URL of service.

string

serviceValidationMessages
optional

List of service validation message.

< EnvValidation > array

serviceVersion
optional

Version of service.

string

status
optional

Status of service.

string

type
optional

Type of service.

string

FreeIPANodeStatus

The status and issues of an individual FreeIPA node.

Name Description Schema

hostname
required

The hostname of the ipa instance.

string

instanceId
optional

The instance ID for the instance.

string

issues
optional

A list of issues the node is having

< string > array

status
required

The status of the individual node

enum (REQUESTED, CREATED, UNREGISTERED, REGISTERED, DECOMMISSIONED, TERMINATED, DELETED_ON_PROVIDER_SIDE, DELETED_BY_PROVIDER, FAILED, STOPPED, REBOOTING, UNREACHABLE, UNHEALTHY, DELETE_REQUESTED)

FreeIpaImageRequest

Request object for FreeIPA image.

Name Description Schema

catalog
optional

Image catalog to use for FreeIPA image selection.

string

id
optional

Image ID to use for creating FreeIPA instances.

string

os
optional

The OS to use for creating FreeIPA instances.

string

FreeIpaInstance

Object for a FreeIPA instance providing specific information about the instance.

Name Description Schema

attachedVolumes
optional

List of volumes attached to this instance.

< AttachedVolumeDetail > array

availabilityZone
optional

The availability zone of the instance.

string

discoveryFQDN
optional

The fully qualified domain name of the instance in the service discovery cluster.

string

instanceGroup
optional

The instance group that contains the instance.

string

instanceId
optional

The instance ID for the instance.

string

instanceStatus
optional

The status of the instance.

string

instanceStatusReason
optional

The status reason for the instance.

string

instanceType
optional

The type of the instance (either GATEWAY or GATEWAY_PRIMARY).

string

instanceVmType
optional

The VM type of the instance. Supported values depend on the cloud platform.

string

lifeCycle
optional

The life cycle type for the instance (either NORMAL or SPOT).

string

privateIP
optional

The private IP of the instance.

string

publicIP
optional

The public IP of the instance.

string

sshPort
optional

The SSH port of the instance.

integer (int32)

subnetId
optional

The subnet ID of the instance.

string

FreeipaDetails

Details of a FreeIPA cluster.

Name Description Schema

crn
optional

CRN of the FreeIPA cluster.

string

domain
optional

The domain name of the FreeIPA cluster.

string

hostname
optional

The hostname of the FreeIPA cluster.

string

instanceCountByGroup
optional

The number of FreeIPA instances to create per group when creating FreeIPA in environment.

integer (int32)

instances
optional

The instances of the FreeIPA cluster.

< FreeIpaInstance > array

multiAz
optional

Whether the given FreeIPA is deployed in a multi-availability zone way or not.

boolean

recipes
optional

The recipes for the FreeIPA cluster.

< string > array

serverIP
optional

The IP addresses of the FreeIPA cluster.

< string > array

FreeipaDiagnosticsCollectionDetailsResponse

Response object for diagnostic collection details.

Name Description Schema

accountId
optional

Account Id that was used for the diagnostics collection.

string

case
optional

Case number for the diagnostics collection.

string

clusterVersion
optional

Version of the cluster that was used for the diagnostics collection.

string

description
optional

Description of the diagnostics collection.

string

destination
optional

Destination type of the diagnostics collection.

string

output
optional

Output destination of the diagnostics collection.

string

resourceCrn
optional

Crn of the Freeipa cluster.

string

FreeipaDiagnosticsCollectionResponse

Response object for diagnostic collection flow details.

Name Description Schema

collectionDetails
optional

Additional details about the diagnostics collection.

FreeipaDiagnosticsCollectionDetailsResponse

created
optional

Creation date of the diagnostics collection flow.

string (date-time)

flowId
optional

Flow ID of the diagnostics collection flow.

string

flowState
optional

Current state of the diagnostics collection flow.

string

progressPercentage
optional

Progress percentage of the diagnostics collection flow (maximum value if finished).

integer (int32)

status
optional

Status of the diagnostics collection flow.

enum (RUNNING, FAILED, FINISHED, CANCELLED)

FreeipaVmLogRequest

Log descriptor, contains a path and label pair. Used for diagnostics collections.

Name Description Schema

label
required

Label that will be used to identify a log descriptor. (will be used as a folder inside logs folder)

string

path
required

Path of the log file(s) that needs to be collected. (Can be glob wildcard)

string

FreeipaVmLogResponse

Log descriptor, contains a path and label pair. Used for diagnostics collections.

Name Description Schema

label
optional

Label that will be used to identify a log descriptor. (will be used as a folder inside logs folder)

string

path
optional

Path of the log file(s) that needs to be collected. (Can be glob wildcard)

string

GCPCredentialProperties

The credential properties that closely related to those that have created on GCP.

Name Description Schema

keyType
optional

The GCP credential key type. Json is the only supported key type.

string

GCPFreeIpaCreationRequest

Request object for creating FreeIPA in the environment.

Name Description Schema

instanceCountByGroup
optional

The number of FreeIPA instances to create per group when creating FreeIPA in the environment

integer (int32)

instanceType
optional

Custom instance type of FreeIPA instances.

string

recipes
optional

The recipes for the FreeIPA cluster.

< string > array

GcpCredentialPrerequisitesResponse

Response object for getting GCP credential prerequisites.

Name Description Schema

serviceAccountCreationCommand
required

GCP CLI command to create service account encoded in base64.

string

GcpLogStorageRequest

GCP storage configuration for cluster and audit logs.

Name Description Schema

backupStorageLocationBase
optional

The Google storage bucket to use. This should be a gs:// url.

string

serviceAccountEmail
required

Email id of the service account to be associated with the instances. This service account should have "storage.ObjectCreator" role on the given storage bucket.

string

storageLocationBase
required

The Google storage bucket to use. This should be a gs:// url.

string

GcpSecurityAccessRequest

Firewall rules for FreeIPA, Data Lake and Data Hub deployment.

Name Description Schema

defaultSecurityGroupId
optional

Firewall rule for other hosts.
Minimum length : 1

string

securityGroupIdForKnox
optional

Firewall rule for Knox hosts.
Minimum length : 1

string

GcpTagRequest

A label that can be attached to GCP resources. Please refer to Google documentation for the rules https://cloud.google.com/compute/docs/labeling-resources#label_format.

Name Description Schema

key
required

The tag’s name.

string

value
required

The associated value of the tag.

string

GetAccountTelemetryDefaultRequest

Request object for get default account level telemetry settings.

Type : object

GetAccountTelemetryDefaultResponse

Response object for get default account level telemetry settings.

Name Description Schema

reportDeploymentLogs
optional

Flag to enable account level deployment log collection. (that will be used as a default for environment)

boolean

rules
optional

List of anonymization rules that are applied on logs that are shipped to Cloudera

< AnonymizationRuleResponse > array

workloadAnalytics
optional

Flag to enable account level workload analytics. (that will be used as a default for environment)

boolean

GetAccountTelemetryRequest

Request object for get account level telemetry settings.

Type : object

GetAccountTelemetryResponse

Response object for get account level telemetry settings.

Name Description Schema

reportDeploymentLogs
optional

Flag to enable account level deployment log collection. (that will be used as a default for environment)

boolean

rules
optional

List of anonymization rules that are applied on logs that are shipped to Cloudera

< AnonymizationRuleResponse > array

workloadAnalytics
optional

Flag to enable account level workload analytics. (that will be used as a default for environment)

boolean

GetAuditCredentialPrerequisitesRequest

Request object for getting the audit credential prerequisites for the given cloud platform.

Name Description Schema

cloudPlatform
required

The kind of cloud platform.

enum (AWS, AZURE, GCP)

GetAuditCredentialPrerequisitesResponse

The audit credential prerequisites.

Name Description Schema

accountId
optional

The provider specific identifier of the account/subscription/project that is used by Cloudbreak.

string

aws
optional

Provides the external id and policy JSON (this one encoded in base64) for AWS credential creation.

AwsCredentialPrerequisitesResponse

azure
optional

Provides the app creation command and role definition Json for Azure credential creation.

AzureCredentialPrerequisitesResponse

cloudPlatform
required

The name of the given cloud platform

string

gcp
optional

Provides the service account creation command for GCP credential creation.

GcpCredentialPrerequisitesResponse

GetAzureImageTermsPolicyRequest

Request object to retrieve current value of setting that controls automatic acceptance of Azure Marketplace image terms.

Type : object

GetAzureImageTermsPolicyResponse

Response object to retrieve current value of setting that controls automatic acceptance of Azure Marketplace image terms.

Name Description Schema

accepted
required

Flag denoting whether automatic Azure Marketplace image terms acceptance is enabled or disabled.

boolean

GetCredentialPrerequisitesRequest

Request object for getting the credential prerequisites for the given cloud platform.

Name Description Schema

cloudPlatform
required

The kind of cloud platform.

enum (AWS, AZURE)

GetCredentialPrerequisitesResponse

The credential prerequisites for AWS.

Name Description Schema

accountId
optional

The provider specific identifier of the account/subscription/project that is used by Cloudbreak.

string

aws
optional

Provides the external id and policy JSON (this one encoded in base64) for AWS credential creation.

AwsCredentialPrerequisitesResponse

azure
optional

Provides the app creation command and role definition Json for Azure credential creation.

AzureCredentialPrerequisitesResponse

cloudPlatform
required

The name of the given cloud platform

string

GetEnvironmentSettingRequest

Request object to query environment configuration settings.

Name Description Schema

attrs
required

List of attributes to query settings for. Non-existant settings will be ignored.

< string > array

environmentName
optional

The name or CRN of the environment. Empty to get system wide settings.

string

GetEnvironmentSettingResponse

Response object containing configuration settings.

Name Description Schema

settings
optional

Dictionary of settings found.

< string, string > map

GetEnvironmentUserSyncStateRequest

Request object for retrieving the user sync state of an environment.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

GetEnvironmentUserSyncStateResponse

Response object for retrieving the user sync state of an environment.

Name Description Schema

state
required

The user sync state of the environment.

enum (UP_TO_DATE, STALE, SYNC_IN_PROGRESS, SYNC_FAILED)

userSyncOperationId
optional

Operation Id for the latest user sync operation, if any, run for this environment.

string

GetFreeipaLogDescriptorsRequest

Request object for obtaining log descriptors. (that are used for diagnostics collection)

Type : object

GetFreeipaLogDescriptorsResponse

Response object for obtaining log descriptors. (useful for diagnostics collection filtering)

Name Description Schema

logs
optional

Array of log descriptors. (useful for diagnostics collection filtering)

< FreeipaVmLogResponse > array

GetFreeipaStatusRequest

Request object for getting the status of the FreeIPA servers.

Name Description Schema

environmentName
required

The environment name or CRN of the FreeIPA to repair

string

GetFreeipaStatusResponse

The overall status of the FreeIPA cluster.

Name Description Schema

environmentCrn
required

The CRN of the environment

string

environmentName
required

The name of the Environment

string

instances
required

Status of individual nodes in the FreeIPA cluster

< string, FreeIPANodeStatus > map

status
required

The overall status of the FreeIPA cluster

enum (REQUESTED, CREATE_IN_PROGRESS, AVAILABLE, STACK_AVAILABLE, UPDATE_IN_PROGRESS, UPDATE_REQUESTED, UPDATE_FAILED, CREATE_FAILED, DELETE_IN_PROGRESS, DELETE_FAILED, DELETE_COMPLETED, STOPPED, STOP_REQUESTED, START_REQUESTED, STOP_IN_PROGRESS, START_IN_PROGRESS, START_FAILED, STOP_FAILED, WAIT_FOR_SYNC, MAINTENANCE_MODE_ENABLED, UNREACHABLE, UNHEALTHY, DELETED_ON_PROVIDER_SIDE, UNKNOWN)

GetGovCloudAuditCredentialPrerequisitesRequest

Request object for getting the audit credential prerequisites for GovCloud for the enabled providers.

Name Description Schema

cloudPlatform
required

The kind of cloud platform. As of now, the following cloud provider is accepted as the value of this field - AWS

string

GetGovCloudAuditCredentialPrerequisitesResponse

The audit credential prerequisites for GovCloud for the enabled providers.

Name Description Schema

accountId
optional

The provider specific identifier of the account/subscription/project.

string

aws
optional

Provides the external id and policy JSON (this one encoded in base64) for AWS credential creation.

AwsCredentialPrerequisitesResponse

GetGovCloudCredentialPrerequisitesRequest

Request object for getting the credential prerequisites for GovCloud for the enabled providers.

Name Description Schema

cloudPlatform
required

The kind of cloud platform. As of now, the following cloud provider is accepted as the value of this field - AWS

string

GetGovCloudCredentialPrerequisitesResponse

The credential prerequisites for GovCloud for the enabled providers.

Name Description Schema

accountId
optional

The provider specific identifier of the account/subscription/project.

string

aws
optional

Provides the external id and policy JSON (this one encoded in base64) for AWS GovCloud credential creation.

AwsCredentialPrerequisitesResponse

GetIdBrokerMappingsRequest

Request object for getting ID Broker mappings for an environment.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

GetIdBrokerMappingsResponse

Response object for getting ID Broker mappings for an environment.

Name Description Schema

baselineRole
optional

Deprecated. Please use rangerAuditRole instead.

string

dataAccessRole
required

The cloud provider role to which data access services will be mapped (e.g. an ARN in AWS, a Resource ID in Azure).

string

mappings
optional

ID Broker mappings for individual actors and groups. Does not include mappings for data access services. May be empty if no individual mappings are needed.

< IdBrokerMapping > array

mappingsVersion
required

The version of the mappings.

integer (int64)

rangerAuditRole
required

The cloud provider role to which services that write to Ranger audit logs will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Note that some data access services also write to Ranger audit logs; such services will be mapped to the dataAccessRole, not the rangerAuditRole.

string

rangerCloudAccessAuthorizerRole
optional

The cloud provider role to which the Ranger RAZ service will be mapped (e.g. an ARN in AWS, a Resource ID in Azure).

string

GetIdBrokerMappingsSyncStatusRequest

Request object for getting ID Broker mappings sync status.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

GetIdBrokerMappingsSyncStatusResponse

Response object for getting ID Broker mappings sync status.

Name Description Schema

globalStatus
required

The overall mappings sync status for all datalake clusters in the environment.

SyncStatus

statuses
required

Map of datalake cluster CRN to mappings sync status for each datalake cluster in the environment.

< string, IdBrokerSyncStatus > map

syncNeeded
required

Whether a sync is needed to bring in-cluster mappings up-to-date.

boolean

GetKeytabRequest

Request object for get keytab request.

Name Description Schema

actorCrn
optional

The CRN of the user or machine user to retrieve the keytab for. If it is not included, it defaults to the user making the request.

string

environmentName
required

The name or CRN of the environment.

string

GetKeytabResponse

Request object for get keytab request.

Name Description Schema

contents
optional

The contents of the keytab encoded as a base64 string.

string

GetOperationRequest

Request object for tracking the latest (current/last) operation on the environment resource.

Name Description Schema

environmentName
required

Name of the environment resource.

string

GetOperationResponse

Response object for tracking the latest (current/last) operation on the environment resource.

Name Description Schema

operationId
optional

Identifier of the operation.

string

operationStatus
optional

Status of the operation.

enum (UNKNOWN, RUNNING, FAILED, FINISHED, CANCELLED)

operationType
optional

Type of the operation.

string

progress
optional

Progress percentage of the operation.

integer (int32)

GetRepairFreeipaStatusRequest

Request object for Repair Status.

Name Description Schema

operationId
required

operationId for the previously requested repair operation.

string

GetRepairFreeipaStatusResponse

Response object for Repair Operation.

Name Description Schema

endDate
optional

Date when the operation ended. Omitted if operation has not ended.

string (date-time)

error
optional

If there is any error associated. The error will be populated on any error and it may be populated when the operation failure details are empty. The error will typically contain the high level information such as the assocated repair failure phase.

string

failureOperationDetails
optional

List of operation details for failures. If the repair is only partially successful both successful and failure operation details will be populated.

< RepairOperationDetails > array

startDate
optional

Date when the operation started.

string (date-time)

status
optional

Status of this operation.

RepairStatus

successfulOperationDetails
optional

List of operation details for all successes. If the repair is only partially successful both successful and failure operation details will be populated.

< RepairOperationDetails > array

GetRootCertificateRequest

Request object for obtaining public certificate of an environment.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

GetRootCertificateResponse

Response object with base64 encoded contents of the public certificate for an environment.

Name Description Schema

contents
optional

Contents of a certificate.

string

IdBrokerMapping

A mapping of an actor or group to a cloud provider role.

Name Description Schema

accessorCrn
required

The CRN of the actor or group.

string

role
required

The cloud provider role (e.g., ARN in AWS, Resource ID in Azure) to which the actor or group is mapped.

string

IdBrokerMappingRequest

A mapping of an actor or group to a cloud provider role, used in request objects.

Name Description Schema

accessorCrn
required

The CRN of the actor or group.

string

role
required

The cloud provider role (e.g., ARN in AWS, Resource ID in Azure) to which the actor or group is mapped.

string

IdBrokerSyncStatus

Status of an ID Broker mappings sync operation.

Name Description Schema

endDate
optional

The date when the mappings sync completed or was terminated. Omitted if status is NEVER_RUN or RUNNING.

string (date-time)

errorDetail
optional

The detail of the error. Omitted if status is not FAILED.

string

startDate
optional

The date when the mappings sync started executing. Omitted if status is NEVER_RUN.

string (date-time)

status
required

The mappings sync summary status.

SyncStatus

ImageInfoResponse

Information about FreeIPA image.

Name Description Schema

catalog
optional

Image catalog URL.

string

catalogName
optional

Image catalog name.

string

date
optional

Creation date of the image from catalog.

string

id
optional

Virtual machine image ID from ImageCatalog, machines of the cluster will be started from this image.

string

imageName
optional

Image name

string

os
optional

OS type of the image, this property is only considered when no specific image ID is provided.

string

InstanceTemplate

Instance template that specifies the core information for the instances.

Name Description Schema

attachedVolumes
optional

The attached volume configuration(s).

< AttachedVolume > array

awsProperties
optional

AWS specific FreeIPA parameters.

AwsFreeIpaInstanceTemplateParams

instanceType
optional

The type of the instance.

string

ListAuditCredentialsRequest

Request object for a list audit credentials request.

Type : object

ListAuditCredentialsResponse

Response object for a list audit credentials request.

Name Description Schema

credentials
required

The credentials.

< Credential > array

ListConnectedDataServicesRequest

Request object for listing connected Data Service(s) for a given environment.

Name Description Schema

environment
required

Name or CRN of the environment.

string

ListConnectedDataServicesResponse

Response object for listing connected Data Service(s) for a given environment.

Name Description Schema

result
required

List of connected Data Service for the given environment.

< ConnectedDataService > array

ListCredentialsRequest

Request object for a list credentials request.

Name Description Schema

credentialName
optional

An optional credential name to search by.

string

ListCredentialsResponse

Response object for a list credentials request.

Name Description Schema

credentials
required

The credentials.

< Credential > array

ListEnvironmentsRequest

Request object for a list environments request.

Type : object

ListEnvironmentsResponse

Response object for a list environments request.

Name Description Schema

environments
required

The environment.

< EnvironmentSummary > array

ListFreeipaDiagnosticsRequest

Request object for listing recent FreeIPA diagnostics collections.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

ListFreeipaDiagnosticsResponse

Response object for listing recent FreeIPA diagnostics collections.

Name Description Schema

collections
optional

description.

< FreeipaDiagnosticsCollectionResponse > array

ListProxyConfigsRequest

Request object for a list proxy configs request.

Name Description Schema

proxyConfigName
optional

An optional proxy config name to search by.

string

ListProxyConfigsResponse

Response object for a list proxy configs request.

Name Description Schema

proxyConfigs
required

The proxy configs.

< ProxyConfig > array

LogStorage

Storage configuration for cluster and audit logs.

Name Description Schema

awsDetails
optional

AWS-specific log storage configuration information.

awsDetails

azureDetails
optional

Azure-specific log storage configuration information.

azureDetails

enabled
required

Whether external log storage is enabled.

boolean

gcpDetails
optional

GCP-specific log storage configuration information.

gcpDetails

awsDetails

Name Description Schema

instanceProfile
optional

The AWS instance profile that which contains the necessary permissions to access the S3 storage location.

string

storageLocationBase
optional

The base location to store logs in S3. This should be an s3a:// url.

string

azureDetails

Name Description Schema

managedIdentity
optional

The managed identity associated with the logger. This identity should have Storage Blob Data Contributor role on the given storage account.

string

storageLocationBase
optional

The storage location to use. The location has to be in the following format abfs://filesystem@storage-account-name.dfs.core.windows.net.

string

gcpDetails

Name Description Schema

serviceAccountEmail
optional

Email ID of the service account associated with the logging instances.

string

storageLocationBase
optional

The storage location to use. This should be a gs:// url.

string

Network

The network.

Name Description Schema

aws
optional

AWS network parameters.

NetworkAwsParams

azure
optional

Azure network parameters.

NetworkAzureParams

endpointAccessGatewayScheme
optional

The scheme for the endpoint gateway. PUBLIC indicates an external endpoint that can be accessed over the Internet.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

gcp
optional

GCP network parameters.

NetworkGcpParams

networkCidr
optional

The range of private IPv4 addresses that resources will use under this network.

string

networkName
required

Name or id of the network

string

subnetIds
required

Subnet names or ids of the network.

< string > array

subnetMetadata
optional

Additional subnet metadata of the network.

< string, CloudSubnet > map

NetworkAwsParams

AWS network parameters.

Name Description Schema

vpcId
required

VPC ids of the specified networks.

string

NetworkAzureParams

Azure network parameters.

Name Description Schema

aksPrivateDnsZoneId
optional

The full Azure resource ID of an existing Private DNS zone used for the AKS.

string

databasePrivateDnsZoneId
optional

The full Azure resource ID of the existing Private DNS Zone used for Flexible Server and Single Server Databases.

string

enableOutboundLoadBalancer
optional

Whether the outbound load balancer was created for this environment.

boolean

flexibleServerSubnetIds
optional

The subnets delegated for Flexible Server database. Accepts either the name or the full resource id.

< string > array

networkId
required

The id of the Azure VNet.

string

resourceGroupName
required

The name of the resource group associated with the VNet.

string

usePublicIp
required

Whether to associate public ip’s to the resources within the network.

boolean

NetworkGcpParams

GCP network parameters.

Name Description Schema

networkName
required

The name of the GCP VPC.

string

sharedProjectId
optional

The ID of the Google project associated with the VPC.

string

usePublicIp
required

Whether to associate public ip’s to the resources within the network.

boolean

OperationType

Operation Type.

Type : enum (SET_PASSWORD, USER_SYNC)

ProxyConfig

A proxy config object.

Name Description Schema

crn
required

The CRN of the proxy config.

string

description
optional

A description for the proxy config.

string

host
required

The proxy host.

string

noProxyHosts
optional

Comma-separated list of 'CIDR', '[.]host[:port]' (can be a subdomain as well) and 'IP[:port]' entries that should not be proxied. Wildcards are not accepted. For example .cloudera.com,192.168.1.1

string

password
optional

The proxy password.

string

port
required

The proxy port.

integer (int32)

protocol
required

The protocol.

string

proxyConfigName
required

The name of the proxy config.

string

user
optional

The proxy user.

string

RepairFreeipaRequest

Request object for repairing the FreeIPA servers.

Name Description Schema

environmentName
required

The environment name or CRN of the FreeIPA to repair

string

force
optional

Force the repair even if the status if the FreeIPA nodes are good.
Default : false

boolean

instances
optional

The instance Ids to repair. If not provided then all instances are looked at for repair.

< string > array

repairType
optional

The type of FreeIPA repair to perform. * AUTO - Currently, this is the same as reboot but this may change in the future. * REBOOT - Repair the failed instances by rebooting them. * REBUILD - Repair the failed instances by deleting them and creating new instances, then replicate data from an existing instance to the new instances.

enum (AUTO, REBOOT, REBUILD)

RepairFreeipaResponse

Response object for an FreeIPA repair request.

Name Description Schema

endDate
optional

Date when the operation ended. Omitted if operation has not ended.

string (date-time)

error
optional

If there is any error associated. The error will be populated on any error and it may be populated when the operation failure details are empty. The error will typically contain the high level information such as the assocated repair failure phase.

string

failureOperationDetails
optional

List of operation details for failures. If the repair is only partially successful both successful and failure operation details will be populated.

< RepairOperationDetails > array

operationId
optional

Operation ID of the request for this operation. This ID can be used for geting status on the operation.

string

startDate
optional

Date when the operation started.

string (date-time)

status
optional

Status of this operation.

RepairStatus

successfulOperationDetails
optional

List of operation details for all successes. If the repair is only partially successful both successful and failure operation details will be populated.

< RepairOperationDetails > array

RepairOperationDetails

Details object of the repair operation for success or falure.

Name Description Schema

environmentCrn
required

environment crn.

string

message
optional

The detail of the success or failure.

string

RepairStatus

Status of a repair operation.

Type : enum (NEVER_RUN, REQUESTED, REJECTED, RUNNING, COMPLETED, FAILED, TIMEDOUT)

RetryFreeipaRequest

Request object for retry FreeIPA request.

Name Description Schema

environment
required

The name or CRN of the environment.

string

RetryFreeipaResponse

Response object for retry FreeIPA operation on an environment.

Type : object

RotateSaltPasswordRequest

Request object for rotating SaltStack user password on FreeIPA instances.

Name Description Schema

environment
required

The name or CRN of the environment.

string

RotateSaltPasswordResponse

Response object for rotating SaltStack user password on FreeIPA instances.

Type : object

SecurityAccess

Security control configuration for FreeIPA and Datalake deployment.

Name Description Schema

cidr
optional

CIDR range which is allowed for inbound traffic. Either IPv4 or IPv6 is allowed.

string

defaultSecurityGroupId
optional

Security group where all other hosts are placed.

string

securityGroupIdForKnox
optional

Security group where Knox-enabled hosts are placed.

string

SecurityAccessRequest

Security control configuration for FreeIPA and Datalake deployment. Choosing a CIDR will automatically create security groups. Alternatively existing security groups can be specified.

Name Description Schema

cidr
optional

CIDR range which is allowed for inbound traffic. Either IPv4 or IPv6 is allowed.

string

defaultSecurityGroupIDs
optional

Security group IDs where all other hosts are placed. Mutually exclusive with CIDR.

< string > array

defaultSecurityGroupId
optional

Security group where all other hosts are placed. Mutually exclusive with cidr.

string

securityGroupIDsForKnox
optional

Security group IDs where Knox-enabled hosts are placed. Mutually exclusive with CIDR.

< string > array

securityGroupIdForKnox
optional

Security group where Knox-enabled hosts are placed. Mutually exclusive with cidr.

string

SetAWSAuditCredentialRequest

Request object for a set AWS audit credential request.

Name Description Schema

roleArn
required

The ARN of the delegated access role.

string

SetAWSAuditCredentialResponse

Response object for a set AWS audit credential request.

Name Description Schema

credential
required

The credential object.

Credential

SetAWSGovCloudAuditCredentialRequest

Request object for a set AWS GovCloud audit credential request.

Name Description Schema

roleArn
required

The ARN of the delegated access role.

string

SetAWSGovCloudAuditCredentialResponse

Response object for a set AWS GovCloud audit credential request.

Name Description Schema

credential
required

The credential object.

Credential

SetAccountTelemetryRequest

Request object to enable environment level telemetry features.

Name Description Schema

reportDeploymentLogs
optional

Flag to enable account level deployment log collection. (that will be used as a default for environment)

boolean

rules
optional

List of anonymization rules that are applied on logs that are shipped to Cloudera

< AnonymizationRuleRequest > array

workloadAnalytics
optional

Flag to enable account level workload analytics. (that will be used as a default for environment)

boolean

SetAccountTelemetryResponse

Response object for set account level telemetry settings.

Name Description Schema

reportDeploymentLogs
optional

Flag to enable account level deployment log collection. (that will be used as a default for environment)

boolean

rules
optional

List of anonymization rules that are applied on logs that are shipped to Cloudera

< AnonymizationRuleResponse > array

workloadAnalytics
optional

Flag to enable account level workload analytics. (that will be used as a default for environment)

boolean

SetAzureAuditCredentialRequest

Request object for a set Azure audit credential request.

Name Description Schema

appBased
required

Additional configurations needed for app-based authentication.

appBased

subscriptionId
required

The Azure subscription ID.

string

tenantId
required

The Azure AD tenant ID for the Azure subscription.

string

appBased

Name Description Schema

applicationId
required

The id of the application registered in Azure.

string

secretKey
required

The client secret key (also referred to as application password) for the registered application.

string

SetAzureAuditCredentialResponse

Response object for a set Azure audit credential request.

Name Description Schema

credential
required

The credential object.

Credential

SetCatalogRequest

The request object to set catalog for a FreeIPA.

Name Description Schema

catalog
required

URL of the FreeIPA catalog to be used.

string

environment
required

The name or CRN of the affected environment that holds the FreeIPA installation.

string

SetCatalogResponse

The response object to set catalog for a FreeIPA request.

Type : object

SetEndpointAccessGatewayRequest

Request object to set endpoint access gateway settings.

Name Description Schema

endpointAccessGatewayScheme
required

The scheme for the endpoint gateway. PUBLIC creates an external endpoint that can be accessed over internet. Defaults to PRIVATE which restricts the traffic to be internal to the VPC / Vnet.

enum (PUBLIC, PRIVATE)

endpointAccessGatewaySubnetIds
optional

The subnets to use for endpoint access gateway.

< string > array

environment
required

The name or CRN of the environment. Empty to get system wide settings.

string

SetEndpointAccessGatewayResponse

Response object for set endpoint access gateway request.

Type : object

SetEnvironmentSettingRequest

Request object to set environment configuration settings.

Name Description Schema

environmentName
optional

The name or CRN of the environment. Empty to set system wide settings.

string

settings
required

Dictionary of settings to set.

< string, string > map

SetEnvironmentSettingResponse

Response object to set configuration.

Type : object

SetGCPAuditCredentialRequest

Request object for a set GCP audit credential request.

Name Description Schema

credentialKey
required

The JSON key for the service account. Please use the local path when using the CLI (e.g. file:///absolute/path/to/cred.json) to avoid exposing the keys in the command line history.

string

SetGCPAuditCredentialResponse

Response object for a set GCP audit credential request.

Name Description Schema

credential
required

The credential object.

Credential

SetIdBrokerMappingsRequest

Request object for setting ID Broker mappings for an environment. Overwrites all existing mappings.

Name Description Schema

baselineRole
optional

Deprecated. Please use rangerAuditRole instead.

string

dataAccessRole
required

The cloud provider role to which data access services will be mapped (e.g. an ARN in AWS, a Resource ID in Azure).

string

environmentName
required

The name or CRN of the environment.

string

mappings
optional

ID Broker mappings for individual actors and groups. Does not include mappings for data access services. If omitted or set to an empty list, you must also specify the --set-empty-mappings option, to confirm that you want to remove any existing individual mappings.

< IdBrokerMappingRequest > array

rangerAuditRole
optional

The cloud provider role to which services that write to Ranger audit logs will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Note that some data access services also write to Ranger audit logs; such services will be mapped to the dataAccessRole, not the rangerAuditRole. THIS PARAMETER IS REQUIRED.

string

rangerCloudAccessAuthorizerRole
optional

The cloud provider role to which the Ranger RAZ service will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). This is required in RAZ-enabled environments.

string

setEmptyMappings
optional

Whether to install an empty set of individual mappings, deleting any existing mappings. The --set-empty-mappings option is required if --mappings is omitted or if its value is an empty list, and disallowed otherwise.
Default : false

boolean

SetIdBrokerMappingsResponse

Response object for setting ID Broker mappings for an environment.

Name Description Schema

baselineRole
optional

Deprecated. Please use rangerAuditRole instead.

string

dataAccessRole
required

The cloud provider role to which data access services will be mapped (e.g. an ARN in AWS, a Resource ID in Azure).

string

mappings
optional

ID Broker mappings for individual actors and groups. Does not include mappings for data access services. May be empty if no individual mappings are needed.

< IdBrokerMapping > array

mappingsVersion
required

The version of the mappings.

integer (int64)

rangerAuditRole
required

The cloud provider role to which services that write to Ranger audit logs will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Note that some data access services also write to Ranger audit logs; such services will be mapped to the dataAccessRole, not the rangerAuditRole.

string

rangerCloudAccessAuthorizerRole
optional

The cloud provider role to which the Ranger RAZ service will be mapped (e.g. an ARN in AWS, a Resource ID in Azure).

string

SetPasswordRequest

Request object for set password request. (deprecated)

Name Description Schema

environmentCRNs
optional

Optional list of environment CRNs. Only the passed environments user’s password will be affected. If this field is not present, all environments will be affected.

< string > array

password
required

password field.

string

SetPasswordResponse

Response object for set password request. (deprecated)

Name Description Schema

endTime
optional

Sync operation end timestamp.

string

error
optional

If there is any error associated.

string

failure
optional

List of sync operation details for all failed envs.

< SyncOperationDetails > array

operationId
required

UUID of the request for this operation. This Id can be used for geting status on the operation.

string

operationType
optional

Operation type, set password or user sync

OperationType

startTime
optional

Sync operation start timestamp.

string

status
optional

Status of this operation. Status can be one of these values (REQUESTED, RUNNING, COMPLETED, FAILED, REJECTED, TIMEDOUT)

SyncStatus

success
optional

List of sync operation details for all succeeded environments.

< SyncOperationDetails > array

SetTelemetryFeaturesRequest

Request object to enable environment level telemetry features.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

reportDeploymentLogs
optional

Flag to enable environment level deployment log collection.

boolean

workloadAnalytics
optional

Flag to enable environment level workload analytics.

boolean

SetTelemetryFeaturesResponse

Response object to enable environment level telemetry features.

Type : object

StartEnvironmentRequest

Request object for a start environment request.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

withDatahubStart
optional

Whether the Data Hub clusters should start or not at the environment (re-)start

boolean

StartEnvironmentResponse

Response object for a start environment request.

Type : object

StartFreeIpaVerticalScalingRequest

The request object for FreeIPA vertical scaling.

Name Description Schema

environment
required

The name or CRN of the environment.

string

instanceTemplate
required

Instance template that specifies the core information for the vertical scale.

InstanceTemplate

StartFreeIpaVerticalScalingResponse

The response object for FreeIPA vertical scaling.

Name Description Schema

result
optional

The result of the operation.

string

StopEnvironmentRequest

Request object for a stop environment request.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

StopEnvironmentResponse

Response object for a stop environment request.

Type : object

SyncAllUsersRequest

Request object for a All Users and Groups Sync.

Name Description Schema

environmentNames
optional

List of environments to be synced. If not present, all environments will be synced.

< string > array

SyncAllUsersResponse

All Users and Groups Sync Response Object

Name Description Schema

endTime
optional

Sync operation end timestamp.

string

error
optional

If there is any error associated.

string

failure
optional

List of sync operation details for all failed envs.

< SyncOperationDetails > array

operationId
required

UUID of the request for this operation. This Id can be used for geting status on the operation.

string

operationType
optional

Operation type, set password or user sync

OperationType

startTime
optional

Sync operation start timestamp.

string

status
optional

Status of this operation. Status can be one of these values (REQUESTED, RUNNING, COMPLETED, FAILED, REJECTED, TIMEDOUT)

SyncStatus

success
optional

List of sync operation details for all succeeded environments.

< SyncOperationDetails > array

SyncIdBrokerMappingsRequest

Request object for synchronizing ID Broker mappings for an environment.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

SyncIdBrokerMappingsResponse

Response object for synchronizing ID Broker mappings for an environment.

Type : object

SyncOperationDetails

Details object of the sync operation for success or falure.

Name Description Schema

environmentCrn
required

environment crn.

string

message
optional

The detail of the success or failure.

string

SyncStatus

Status of a sync operation.

Type : enum (NEVER_RUN, REQUESTED, REJECTED, RUNNING, COMPLETED, FAILED, TIMEDOUT)

SyncStatusRequest

Request object for Sync Status.

Name Description Schema

operationId
required

operationId for the previously requested sync operation for user sync or password.

string

SyncStatusResponse

Response object for Sync Operation.

Name Description Schema

endTime
optional

Sync operation end timestamp.

string

error
optional

If there is any error associated.

string

failure
optional

List of sync operation details for all failed envs.

< SyncOperationDetails > array

operationId
required

UUID of the request for this operation. This Id can be used for geting status on the operation.

string

operationType
optional

Operation type, set password or user sync

OperationType

startTime
optional

Sync operation start timestamp.

string

status
optional

Status of this operation. Status can be one of these values (REQUESTED, RUNNING, COMPLETED, FAILED, REJECTED, TIMEDOUT)

SyncStatus

success
optional

List of sync operation details for all succeeded environments.

< SyncOperationDetails > array

SyncUserRequest

Request Object for single user sync operation.

Type : object

SyncUserResponse

Response Object for single user sync operation.

Name Description Schema

endTime
optional

Sync operation end timestamp.

string

error
optional

If there is any error associated.

string

failure
optional

List of sync operation details for all failed envs.

< SyncOperationDetails > array

operationId
required

UUID of the request for this operation. This Id can be used for geting status on the operation.

string

operationType
optional

Operation type, set password or user sync

OperationType

startTime
optional

Sync operation start timestamp.

string

status
optional

Status of this operation. Status can be one of these values (REQUESTED, RUNNING, COMPLETED, FAILED, REJECTED, TIMEDOUT)

SyncStatus

success
optional

List of sync operation details for all succeeded environments.

< SyncOperationDetails > array

TagRequest

A label that can be attached to some resources.

Name Description Schema

key
required

The tag’s name.

string

value
required

The associated value of the tag.

string

TestAccountTelemetryRulesRequest

Request object for testing text input against provided account telemetry anonymization rules.

Name Description Schema

rules
required

List of anonymization rules that are applied on logs that are shipped to Cloudera

< AnonymizationRuleRequest > array

testInput
required

Text input that will be tested against the provided account telemetry anonymization rules.

string

TestAccountTelemetryRulesResponse

Response object for testing anonymization rules for account telemetry.

Name Description Schema

output
optional

Output text after applying the anonymization rules on the test input.

string

UpdateAwsDiskEncryptionParametersRequest

Request object for updating AWS encryption parameters.

Name Description Schema

encryptionKeyArn
required

The ARN of an encryption key, which will be used to encrypt the AWS EBS volumes, if the entitlement has been granted.

string

environment
required

The name or CRN of the environment.

string

UpdateAwsDiskEncryptionParametersResponse

Response object for an update AWS encryption parameters request.

Name Description Schema

awsDiskEncryptionParameters
optional

Object containing details of encryption parameters for AWS cloud.

AwsDiskEncryptionParameters

environment
required

The environment summary.

Environment

UpdateAzureAvailabilityZonesRequest

Request object to update Availability Zones for Azure environment.

Name Description Schema

availabilityZones
required

List of availability zones for the environment.

< string > array

environment
required

The name or CRN of the environment.

string

UpdateAzureAvailabilityZonesResponse

Response object for a update Azure Availability Zones request.

Name Description Schema

environment
required

The environment summary.

Environment

UpdateAzureCredentialRequest

Request object for an update Azure credential request.

Name Description Schema

appBased
required

Additional configurations needed for app-based authentication.

appBased

credentialName
required

The name of the credential.

string

description
optional

A description for the credential.

string

subscriptionId
required

The Azure subscription ID.

string

tenantId
required

The Azure AD tenant ID for the Azure subscription.

string

appBased

Name Description Schema

applicationId
required

The id of the application registered in Azure.

string

authenticationType
required

Authentication type of the credential

AzureAuthenticationTypeProperties

UpdateAzureCredentialResponse

Response object for an update Azure credential request.

Name Description Schema

credential
optional

The credential object.

Credential

UpdateAzureDatabaseResourcesRequest

Request object for updating Azure Database resources.

Name Description Schema

databasePrivateDnsZoneId
optional

The full Azure resource ID of the existing Private DNS Zone used for Flexible Server and Single Server Databases.

string

environment
required

The name or CRN of the environment.

string

flexibleServerSubnetIds
optional

The subnets delegated for Flexible Server database. Accepts either the name or the full resource id.

< string > array

UpdateAzureDatabaseResourcesResponse

Response object for a update Azure Database resources request.

Name Description Schema

azureDatabaseResources
optional

Object containing details of database resources for Azure cloud.

AzureDatabaseResources

environment
required

The environment summary.

Environment

UpdateAzureEncryptionResourcesRequest

Request object for updating Azure encryption resources.

Name Description Schema

encryptionKeyResourceGroupName
optional

Name of the existing Azure resource group hosting the Azure Key Vault containing customer managed key which will be used to encrypt the Azure Managed Disks. It is required only when the entitlement is granted and the resource group of the key vault is different from the resource group in which the environment is to be created. Omitting it implies that, the key vault containing the encryption key is present in the same resource group where the environment would be created.

string

encryptionKeyUrl
required

The URL of an encryption key, which will be used to encrypt the Azure Managed Disks, if the entitlement has been granted.

string

environment
required

The name or CRN of the environment.

string

userManagedIdentity
optional

User managed identity for encryption.

string

UpdateAzureEncryptionResourcesResponse

Response object for a update Azure encryption resources request.

Name Description Schema

environment
required

The environment summary.

Environment

resourceEncryptionParameters
optional

Object containing details of encryption parameters for Azure cloud.

AzureResourceEncryptionParameters

UpdateAzureImageTermsPolicyRequest

Request object to enable or disable automatic acceptance of Azure Marketplace image terms.

Name Description Schema

accepted
required

Flag to enable or disable automatic acceptance of Azure Marketplace image terms.

boolean

UpdateAzureImageTermsPolicyResponse

Response object to enable or disable automatic acceptance of Azure Marketplace image terms.

Type : object

UpdateCustomDockerRegistryRequest

The desired custom docker registry for data services to be used.

Name Description Schema

customDockerRegistry
required

The CRN of the desired custom docker registry for data services to be used.

string

environment
required

The name or CRN of the environment.

string

UpdateCustomDockerRegistryResponse

The environment with the updated custom docker registry for data services.

Name Description Schema

environment
required

The environment.

Environment

UpdateDataServiceResourcesRequest

Update Data Services parameters request of the environment.

Name Description Schema

dataServices
required

Data Services parameters request of the environment.

DataServicesRequest

environment
required

The name or CRN of the environment.

string

UpdateDataServiceResourcesResponse

Response object for an update environment Data Service resource request.

Name Description Schema

environment
required

The environment.

Environment

UpdateOrchestratorStateRequest

Request object for running orchestrator engine state update on the FreeIPA cluster.

Name Description Schema

environment
required

The name or CRN of the environment.

string

UpdateOrchestratorStateResponse

Response object for running orchestrator engine state update on the FreeIPA cluster.

Type : object

UpdateProxyConfigRequest

Request object for updating the proxy config of the given environment.

Name Description Schema

environment
required

The name or CRN of the environment.

string

proxyConfigName
optional

The name of the new proxy config for the environment. Either this or the remove proxy flag has to be given.

string

removeProxy
optional

Flag to indicate that the current proxy config should be removed for the environment. Either this or a proxy config name has to be given.

boolean

UpdateProxyConfigResponse

Response object for updating the proxy config of the given environment.

Type : object

UpdateSecurityAccessRequest

The request object for updating security access of the given environment.

Name Description Schema

defaultSecurityGroupId
required

Security group ID for non-gateway nodes.

string

environment
required

The name or the CRN of the environment.

string

gatewayNodeSecurityGroupId
required

Security group ID where Knox-enabled hosts are placed.

string

UpdateSecurityAccessResponse

Response object for an update environment security access request.

Name Description Schema

environment
required

The environment.

Environment

UpdateSshKeyRequest

The request object for updating the environment SSH key.

Name Description Schema

environment
required

The name or the CRN of the environment.

string

existingPublicKeyId
optional

The ID of the existing SSH public key that is stored on the cloud provider side. Either this or a new public key has to be given.

string

newPublicKey
optional

A new SSH public key that is stored locally. Either this or an existing public key ID has to be given.

string

UpdateSshKeyResponse

Response object for an update environment SSH key request.

Name Description Schema

environment
required

The environment.

Environment

UpdateSubnetRequest

The request for updating subnets of the given environment.

Name Description Schema

endpointAccessGatewaySubnetIds
optional

The selected subnets to update for the given environment’s endpoint access gateway.

< string > array

environment
required

The name or the CRN of the environment.

string

subnetIds
optional

The selected subnets to update the given environment to.

< string > array

UpdateSubnetResponse

Response object for an update environment subnet request.

Name Description Schema

environment
required

The environment.

Environment

UpgradeCcmRequest

Request object for upgrading Cluster Connectivity Manager on an environment.

Name Description Schema

environment
required

The name or CRN of the environment.

string

UpgradeCcmResponse

Response object for upgrading Cluster Connectivity Manager request on an environment.

Type : object

UpgradeFreeipaRequest

The request object for FreeIPA upgrade.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

UpgradeFreeipaResponse

The response object for FreeIPA upgrade.

Name Description Schema

operationId
optional

UUID of the request for this operation. This ID can be used for geting status on the operation.

string

originalImage
optional

Original, current image.

ImageInfoResponse

targetImage
optional

Image selected for upgrade.

ImageInfoResponse

UpscaleFreeipaRequest

The request object for FreeIPA upscale.

Name Description Schema

environmentName
required

The name or CRN of the environment.

string

targetAvailabilityType
required

The target FreeIPA availability type.

enum (HA)

UpscaleFreeipaResponse

The response object for FreeIPA upscale.

Name Description Schema

operationId
optional

UUID of the request for this operation. This ID can be used to get the status of the operation.

string

originalAvailabilityType
optional

The original FreeIPA availability type.

enum (NON_HA, TWO_NODE_BASED)

targetAvailabilityType
optional

The target FreeIPA availability type.

enum (HA)

ValidateAwsCloudStorageRequest

Request object for AWS environment cloud storage validation.

Name Description Schema

credentialCrn
required

The CRN of the credential.

string

instanceProfile
required

AWS instance profile.

string

storageLocation
required

AWS S3 storage bucket location for logging.

string

ValidateAwsCloudStorageResponse

Response object for AWS environment cloud storage validation.

Name Description Schema

error
optional

Error message if validation failed.

string

status
optional

Validation result. Allowed values are "OK", "ACCESS_DENIED", "ERROR", "RESOURCE_NOT_FOUND".

string

ValidateAzureCloudStorageRequest

Request object for Azure environment cloud storage validation.

Name Description Schema

accountKey
optional

Azure account key.

string

accountName
optional

Azure account name.

string

credentialCrn
required

The CRN of the credential.

string

managedIdentity
optional

Azure managed identity.

string

secure
optional

Azure secure flag.

boolean

storageLocation
required

Azure storage location for logging.

string

ValidateAzureCloudStorageResponse

Response object for Azure environment cloud storage validation.

Name Description Schema

error
optional

Error message if validation failed.

string

status
optional

Validation result. Allowed values are "OK", "ACCESS_DENIED", "ERROR", "RESOURCE_NOT_FOUND".

string

Copyright © 2024 Cloudera, Inc. All rights reserved.